CVE-2017-18301: Null Pointer Dereference
First published: Mon Aug 06 2018(Updated: )
In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android | ||
| Qualcomm Fsm9955 Firmware | ||
| Google Android | ||
| Qualcomm Mdm9607 Firmware | ||
| Qualcomm Mdm9607 | ||
| Qualcomm Mdm9640 Firmware | ||
| Qualcomm Mdm9640 | ||
| Qualcomm Mdm9650 Firmware | ||
| Qualcomm Mdm9650 | ||
| Qualcomm Msm8909w Firmware | ||
| Qualcomm Msm8909w | ||
| Qualcomm Sd425 Firmware | ||
| Qualcomm Sd425 | ||
| Qualcomm Sd427 Firmware | ||
| Qualcomm Sd427 | ||
| Qualcomm Sd430 Firmware | ||
| Qualcomm Sd430 | ||
| Qualcomm Sd435 Firmware | ||
| Qualcomm Sd435 | ||
| Qualcomm Sd450 Firmware | ||
| Qualcomm Sd450 | ||
| Qualcomm Sd617 Firmware | ||
| Qualcomm Sd617 | ||
| Qualcomm Sd625 Firmware | ||
| Qualcomm Sd625 | ||
| Qualcomm Sd650 Firmware | ||
| Qualcomm Sd650 | ||
| Qualcomm Sd652 Firmware | ||
| Qualcomm Sd652 | ||
| Qualcomm Sd820 Firmware | ||
| Qualcomm Sd820 | ||
| Qualcomm Sd820a Firmware | ||
| Qualcomm Sd820a | ||
| Qualcomm Sd835 Firmware | ||
| Qualcomm Sd835 | ||
| Qualcomm Sd845 Firmware | ||
| Qualcomm Sd845 | ||
| Qualcomm Sdm630 Firmware | ||
| Qualcomm Sdm630 | ||
| Qualcomm Sdm636 Firmware | ||
| Qualcomm Sdm636 | ||
| Qualcomm Sdm660 Firmware | ||
| Qualcomm Sdm660 | ||
| Qualcomm Sdx20 Firmware | ||
| Qualcomm Sdx20 | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
- https://www.qualcomm.com/company/product-security/bulletins
- https://source.android.com/docs/security/bulletin/2018-08-01/#asterisk
- https://source.android.com/docs/security/bulletin/2018-08-01 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2017-18301?
The severity of CVE-2017-18301 is high with a severity value of 5.5.
What software is affected by CVE-2017-18301?
The affected software includes Small Cell SoC and Snapdragon devices such as FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, and SDX20.
How can I fix CVE-2017-18301?
To fix CVE-2017-18301, it is recommended to apply the latest security patches provided by the software vendor.
Where can I find more information about CVE-2017-18301?
More information about CVE-2017-18301 can be found on the official Android Security Bulletin for August 2018.
What is the Common Weakness Enumeration (CWE) for CVE-2017-18301?
The Common Weakness Enumeration (CWE) for CVE-2017-18301 is CWE-476.
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- agent/description
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm fsm9955 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9607
- canonical/qualcomm mdm9640 firmware
- canonical/qualcomm mdm9640
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm mdm9650
- canonical/qualcomm msm8909w firmware
- canonical/qualcomm msm8909w
- canonical/qualcomm sd425 firmware
- canonical/qualcomm sd425
- canonical/qualcomm sd427 firmware
- canonical/qualcomm sd427
- canonical/qualcomm sd430 firmware
- canonical/qualcomm sd430
- canonical/qualcomm sd435 firmware
- canonical/qualcomm sd435
- canonical/qualcomm sd450 firmware
- canonical/qualcomm sd450
- canonical/qualcomm sd617 firmware
- canonical/qualcomm sd617
- canonical/qualcomm sd625 firmware
- canonical/qualcomm sd625
- canonical/qualcomm sd650 firmware
- canonical/qualcomm sd650
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd652
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd820
- canonical/qualcomm sd820a firmware
- canonical/qualcomm sd820a
- canonical/qualcomm sd835 firmware
- canonical/qualcomm sd835
- canonical/qualcomm sd845 firmware
- canonical/qualcomm sd845
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sdm630
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sdm636
- canonical/qualcomm sdm660 firmware
- canonical/qualcomm sdm660
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sdx20
- vendor/google