CVE-2017-18155: Input Validation
First published: Mon Jun 04 2018(Updated: )
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm SDM450 Firmware | ||
| Qualcomm SDM450 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD835 Firmware | ||
| Qualcomm Snapdragon 835 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-18155?
CVE-2017-18155 is classified as a moderate severity vulnerability due to the potential for a kernel fault.
How do I fix CVE-2017-18155?
To fix CVE-2017-18155, ensure that your device is updated to the latest firmware or software version that addresses this vulnerability.
Which devices are affected by CVE-2017-18155?
CVE-2017-18155 affects devices utilizing the Snapdragon Automobile and Snapdragon Mobile platforms, specifically variants MSM8996AU, SD 450, SD 625, SD 820, SD 820A, and SD 835.
What kind of vulnerability is CVE-2017-18155?
CVE-2017-18155 is characterized as a vulnerability resulting from the use of an uninitialized variable leading to potential kernel faults during HEVC content playback.
How can I check if my device is impacted by CVE-2017-18155?
You can check the vulnerability status of your device by reviewing the firmware version against the list of affected Snapdragon platforms associated with CVE-2017-18155.
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/weakness
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm sdm450 firmware
- canonical/qualcomm sdm450
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd820a firmware
- canonical/qualcomm sd835 firmware
- canonical/qualcomm snapdragon 835