CVE-2017-18305
N/A
N/A
Summary
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Mobile, Snapdragon Wear | MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 | affected |
Weaknesses
- Improper Access Control in Core
ADP Enrichment
CVE Program Container
Additional References
- https://www.qualcomm.com/company/product-security/bulletins
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
References
- https://www.qualcomm.com/company/product-security/bulletins
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.