The vulnerability in the implementation of syntactic analysis of user action lists in Qualcomm’s embedded software allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the syntax analysis implementation for the user action list in Qualcomm’s embedded software lies in the buffer overflow that occurs when the TLV Tag-length-value data writing method with the NDPE parameter is used. Exploiting this vulnerability allows a remote attacker to...