CVE-2015-9133

Summary

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon MobileSD 400, SD 410/12, SD 617, SD 650/52, SD 800, SD 810affected

Weaknesses

  • Integer overflow vulnerability in Widevine App

ADP Enrichment

CVE Program Container

Additional References

References