CVE-2017-18293

Summary

When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Mobile, Snapdragon WearMDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660affected

Weaknesses

  • Improper Access Control on TLMM Banked GPIO Registers

ADP Enrichment

CVE Program Container

Additional References

References