8.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.1%
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.
www.securityfocus.com/bid/103671
source.android.com/security/bulletin/2018-04-01