CVE-2017-13218
N/A
N/A
Summary
Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel | affected |
Weaknesses
- Permissions, Privileges and Access control issue in Kernel
ADP Enrichment
CVE Program Container
Additional References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/102390
- https://source.android.com/security/bulletin/2018-01-01
- https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletin
- http://www.securitytracker.com/id/1040106
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/102390
- https://source.android.com/security/bulletin/2018-01-01
- https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletin
- http://www.securitytracker.com/id/1040106
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.