CVE-2014-9998 Information
Feb 14, 2021
cve
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile Snapdragon Mobile and Snapdragon Wear IPQ4019 IPQ8064 MDM9206 MDM9607 MDM9635M MDM9640 MDM9650 QCA4531 QCA6174A QCA6574AU QCA6584 QCA6584AU QCA9377 QCA9378 QCA9379 QCA9558 QCA9880 QCA9886 QCA9980 SD 210/SD 212/SD 205 SD 425 SD 625 SD 808 SD 810 SD 820 and SDX20 while processing firmware image signature the internal buffer may overflow if the firmware signature size is large.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/103671 https://source.android.com/security/bulletin/2018-04-01
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8
Share on: