CVE-2015-9208
CVE-2015-9208 affects Android on Qualcomm Snapdragon devices (various SoCs listed). The vulnerability arises because tzbsp_pil_verify_sig() does not strictly constrain the ELF/program headers and hash segment pointers to secure memory; it only ensures addresses are not in non-secure memory, allow...