First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function "Certificate_CreateWithBuffer" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer without setting it to NULL.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Sd 410 Firmware | ||
Qualcomm Sd 410 | ||
Qualcomm Sd 412 Firmware | ||
Qualcomm Sd 412 | ||
Qualcomm Sd 617 Firmware | ||
Qualcomm Sd 617 | ||
Qualcomm Sd 650 Firmware | ||
Qualcomm Sd 650 | ||
Qualcomm Sd 652 Firmware | ||
Qualcomm Sd 652 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 | ||
Google Android | ||
Qualcomm Sd 808 | ||
Google Android | ||
Qualcomm Sd 810 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-9162 is a vulnerability in Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810.
CVE-2015-9162 has a severity level of 9.8 (Critical).
CVE-2015-9162 affects Google Android and Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810.
To fix CVE-2015-9162, update your Android operating system to the latest version and apply the security patch released by Google.
You can find more information about CVE-2015-9162 on the SecurityFocus website and the Android Security Bulletin for April 2018.