CVE-2015-9150

Summary

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which later results in a buffer overflow.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon MobileMDM9625, MDM9635M, SD 400, SD 800affected

Weaknesses

  • Integer overflow to buffer overflow in the DIAG event handler

ADP Enrichment

CVE Program Container

Additional References

References