CVE-2017-18172: Integer Overflow
First published: Mon Jul 02 2018(Updated: )
In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm MDM9635M firmware | ||
| Qualcomm MDM9635M firmware | ||
| Qualcomm SD 400 Firmware | ||
| Qualcomm Snapdragon 400 | ||
| Qualcomm SD410 Firmware | ||
| Qualcomm Snapdragon 410 | ||
| Qualcomm SD412 Firmware | ||
| Qualcomm SD412 | ||
| Qualcomm SDR425 Firmware | ||
| Qualcomm Snapdragon 425 | ||
| Qualcomm SD427 Firmware | ||
| Qualcomm SD 427 firmware | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SD 430 Firmware | ||
| qualcomm sd435 firmware | ||
| Qualcomm Snapdragon 435 | ||
| Qualcomm SDM450 Firmware | ||
| Qualcomm SDM450 | ||
| Qualcomm SD615 Firmware | ||
| Qualcomm Snapdragon 615 | ||
| Qualcomm SD 616 Firmware | ||
| Qualcomm Snapdragon 616 | ||
| Qualcomm Snapdragon 415 Firmware | ||
| Qualcomm Snapdragon 415 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm SD650 Firmware | ||
| Qualcomm Snapdragon 650 | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD835 Firmware | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm SDM630 | ||
| Qualcomm SDM630 Firmware | ||
| Qualcomm SD 636 Firmware | ||
| Qualcomm SDM636 Firmware | ||
| Qualcomm SD660 Firmware | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD617 Firmware | ||
| Qualcomm QCA617 | ||
| Qualcomm Snapdragon 800 Firmware | ||
| Qualcomm Snapdragon 800 | ||
| Qualcomm Snapdragon 810 Firmware | ||
| Qualcomm Snapdragon 810 | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820A Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-18172?
The severity of CVE-2017-18172 is considered high due to the potential for an integer overflow that could lead to serious security risks.
How do I fix CVE-2017-18172?
To fix CVE-2017-18172, apply the latest firmware updates provided by Qualcomm for the affected Snapdragon chipsets.
What devices are affected by CVE-2017-18172?
CVE-2017-18172 affects devices utilizing Snapdragon chipsets such as MDM9635M, SD 400, and others in the specified versions.
What types of vulnerabilities are present in CVE-2017-18172?
CVE-2017-18172 presents an integer overflow or wraparound vulnerability that can compromise system UI functionality.
Is CVE-2017-18172 specific to Android devices?
Yes, CVE-2017-18172 is primarily associated with Android devices using specific Qualcomm Snapdragon platforms.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm mdm9635m firmware
- canonical/qualcomm sd 400 firmware
- canonical/qualcomm snapdragon 400
- canonical/qualcomm sd410 firmware
- canonical/qualcomm snapdragon 410
- canonical/qualcomm sd412 firmware
- canonical/qualcomm sd412
- canonical/qualcomm sdr425 firmware
- canonical/qualcomm snapdragon 425
- canonical/qualcomm sd427 firmware
- canonical/qualcomm sd 427 firmware
- canonical/qualcomm sd 430 firmware
- canonical/qualcomm sd435 firmware
- canonical/qualcomm snapdragon 435
- canonical/qualcomm sdm450 firmware
- canonical/qualcomm sdm450
- canonical/qualcomm sd615 firmware
- canonical/qualcomm snapdragon 615
- canonical/qualcomm sd 616 firmware
- canonical/qualcomm snapdragon 616
- canonical/qualcomm snapdragon 415 firmware
- canonical/qualcomm snapdragon 415
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm sd650 firmware
- canonical/qualcomm snapdragon 650
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd835 firmware
- canonical/qualcomm snapdragon 835
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sd 636 firmware
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sd660 firmware
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd617 firmware
- canonical/qualcomm qca617
- canonical/qualcomm snapdragon 800 firmware
- canonical/qualcomm snapdragon 800
- canonical/qualcomm snapdragon 810 firmware
- canonical/qualcomm snapdragon 810
- canonical/qualcomm sd820a firmware