CVE-2014-10043
N/A
N/A
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Mobile, Snapdragon Wear | MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 800 | affected |
Weaknesses
- Buffer Over-Read in Core.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.