CVE-2017-18173

2019-05-0622:34:44

qualcomm

www.cve.org

0.0004 Low

EPSS

Percentile

12.6%

JSON

In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.

CNA Affected

[
  {
    "product": "Snapdragon Mobile",
    "vendor": "Qualcomm Technologies, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "SD 425"
      },
      {
        "status": "affected",
        "version": "SD 427"
      },
      {
        "status": "affected",
        "version": "SD 430"
      },
      {
        "status": "affected",
        "version": "SD 435"
      },
      {
        "status": "affected",
        "version": "SD 450"
      },
      {
        "status": "affected",
        "version": "SD 625"
      },
      {
        "status": "affected",
        "version": "SD 810"
      },
      {
        "status": "affected",
        "version": "SD 820"
      },
      {
        "status": "affected",
        "version": "SD 835"
      },
      {
        "status": "affected",
        "version": "SDM630"
      },
      {
        "status": "affected",
        "version": "SDM636"
      },
      {
        "status": "affected",
        "version": "SDM660"
      },
      {
        "status": "affected",
        "version": "Snapdragon_High_Med_2016"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2017-18173