Lucene search

[email protected]CVE-2017-18301

HistorySep 20, 2018 - 1:29 p.m.

CVE-2017-18301

2018-09-2013:29:00

CWE-476

[email protected]

web.nvd.nist.gov

cve-2017-18301

small cell soc

snapdragon

fsm9055

fsm9955

mdm9607

mdm9640

mdm9650

msm8909w

sd 425

sd 427

sd 430

sd 435

sd 450

sd 617

sd 625

sd 650/52

sd 820

sd 820a

sd 835

sd 845

sdm630

sdm636

sdm660

sdx20

security vulnerability

system restart

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.1%

JSON

In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart.

Affected configurations

NVD

Node

qualcommfsm9055_firmwareMatch-

AND

qualcommfsm9055Match-

Node

qualcommfsm9955_firmwareMatch-

AND

qualcommfsm9955Match-

Node

qualcommmdm9607_firmwareMatch-

AND

qualcommmdm9607Match-

Node

qualcommmdm9640_firmwareMatch-

AND

qualcommmdm9640Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

Node

qualcommsd425_firmwareMatch-

AND

qualcommsd425Match-

Node

qualcommsd427_firmwareMatch-

AND

qualcommsd427Match-

Node

qualcommsd430_firmwareMatch-

AND

qualcommsd430Match-

Node

qualcommsd435_firmwareMatch-

AND

qualcommsd435Match-

Node

qualcommsd450_firmwareMatch-

AND

qualcommsd450Match-

Node

qualcommsd617_firmwareMatch-

AND

qualcommsd617Match-

Node

qualcommsd625_firmwareMatch-

AND

qualcommsd625Match-

Node

qualcommsd650_firmwareMatch-

AND

qualcommsd650Match-

Node

qualcommsd652_firmwareMatch-

AND

qualcommsd652Match-

Node

qualcommsd820_firmwareMatch-

AND

qualcommsd820Match-

Node

qualcommsd820a_firmwareMatch-

AND

qualcommsd820aMatch-

Node

qualcommsd835_firmwareMatch-

AND

qualcommsd835Match-

Node

qualcommsd845_firmwareMatch-

AND

qualcommsd845Match-

Node

qualcommsdm630_firmwareMatch-

AND

qualcommsdm630Match-

Node

qualcommsdm636_firmwareMatch-

AND

qualcommsdm636Match-

Node

qualcommsdm660_firmwareMatch-

AND

qualcommsdm660Match-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

CPENameOperatorVersion
qualcomm:fsm9055_firmwarequalcomm fsm9055 firmwareeq-

CPE	Name	Operator	Version
qualcomm:fsm9055_firmware	qualcomm fsm9055 firmware	eq	-

References

www.securitytracker.com/id/1041432

source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components

www.qualcomm.com/company/product-security/bulletins

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.1%

JSON

Related for CVE-2017-18301

prion1 nvd1 cvelist1