← Back to CVE List

CVE-2015-9148

Published: 2018-04-18T14:29Z
Last Modified: 2024-11-21T02:39Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 400, SD 425, SD 430, SD 450, SD 600, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in the Diag User-PD command registration function, a length variable used during buffer allocation is not checked, so if it is very large, an integer overflow followed by a buffer overflow occurs. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt