CVE-2017-11076: Use of Out-of-range Pointer Offset in Video

First published: Tue Nov 26 2024(Updated: )

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm Msm8909w Firmware
Qualcomm Msm8909w
All of
Qualcomm Msm8996au Firmware
Qualcomm Msm8996au
All of
Qualcomm Sd 210 Firmware
Qualcomm Sd 210
All of
Qualcomm Sd 212 Firmware
Qualcomm Sd 212
All of
Qualcomm Sd 205 Firmware
Qualcomm Sd 205
All of
Qualcomm Sd 425 Firmware
Qualcomm Sd 425
All of
Qualcomm Sd 427 Firmware
Qualcomm Sd 427
All of
Qualcomm Sd 430 Firmware
Qualcomm Sd 430
All of
Qualcomm Sd 435 Firmware
Qualcomm Sd 435
All of
Qualcomm Sd 450 Firmware
Qualcomm Sd 450
All of
Qualcomm Sd 615 Firmware
Qualcomm Sd 615
All of
Qualcomm Sd 616 Firmware
Qualcomm Sd 616
All of
Qualcomm Sd 415 Firmware
Qualcomm Sd 415
All of
Qualcomm Sd 625 Firmware
Qualcomm Sd 625
All of
Qualcomm Sd 810 Firmware
Qualcomm Sd 810
All of
Qualcomm Sd 820 Firmware
Qualcomm Sd 820
All of
Qualcomm Sd 820a Firmware
Qualcomm Sd 820a
All of
Qualcomm Sd 835 Firmware
Qualcomm Sd 835
All of
Qualcomm Sd 845 Firmware
Qualcomm Sd 845
All of
Qualcomm Sdm429 Firmware
Qualcomm Sdm429
All of
Qualcomm Sdm439 Firmware
Qualcomm Sdm439
All of
Qualcomm Sdm630 Firmware
Qualcomm Sdm630
All of
Qualcomm Sdm632 Firmware
Qualcomm Sdm632
All of
Qualcomm Sdm636 Firmware
Qualcomm Sdm636
All of
Qualcomm Sdm660 Firmware
Qualcomm Sdm660
All of
Qualcomm Sdm710 Firmware
Qualcomm Sdm710
All of
Qualcomm Snapdragon High Med 2016 Firmware
Qualcomm Snapdragon High Med 2016

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html

agent/title
agent/references
agent/first-publish-date
agent/type
agent/description
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/weakness
agent/softwarecombine
agent/tags
vendor/qualcomm
canonical/qualcomm msm8909w firmware
canonical/qualcomm msm8909w
canonical/qualcomm msm8996au firmware
canonical/qualcomm msm8996au
canonical/qualcomm sd 210 firmware
canonical/qualcomm sd 210
canonical/qualcomm sd 212 firmware
canonical/qualcomm sd 212
canonical/qualcomm sd 205 firmware
canonical/qualcomm sd 205
canonical/qualcomm sd 425 firmware
canonical/qualcomm sd 425
canonical/qualcomm sd 427 firmware
canonical/qualcomm sd 427
canonical/qualcomm sd 430 firmware
canonical/qualcomm sd 430
canonical/qualcomm sd 435 firmware
canonical/qualcomm sd 435
canonical/qualcomm sd 450 firmware
canonical/qualcomm sd 450
canonical/qualcomm sd 615 firmware
canonical/qualcomm sd 615
canonical/qualcomm sd 616 firmware
canonical/qualcomm sd 616
canonical/qualcomm sd 415 firmware
canonical/qualcomm sd 415
canonical/qualcomm sd 625 firmware
canonical/qualcomm sd 625
canonical/qualcomm sd 810 firmware
canonical/qualcomm sd 810
canonical/qualcomm sd 820 firmware
canonical/qualcomm sd 820
canonical/qualcomm sd 820a firmware
canonical/qualcomm sd 820a
canonical/qualcomm sd 835 firmware
canonical/qualcomm sd 835
canonical/qualcomm sd 845 firmware
canonical/qualcomm sd 845
canonical/qualcomm sdm429 firmware
canonical/qualcomm sdm429
canonical/qualcomm sdm439 firmware
canonical/qualcomm sdm439
canonical/qualcomm sdm630 firmware
canonical/qualcomm sdm630
canonical/qualcomm sdm632 firmware
canonical/qualcomm sdm632
canonical/qualcomm sdm636 firmware
canonical/qualcomm sdm636
canonical/qualcomm sdm660 firmware
canonical/qualcomm sdm660
canonical/qualcomm sdm710 firmware
canonical/qualcomm sdm710
canonical/qualcomm snapdragon high med 2016 firmware
canonical/qualcomm snapdragon high med 2016

CVE-2017-11076: Use of Out-of-range Pointer Offset in Video

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact