CVE-2015-9196

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
18/04/2018
Last modified:
09/05/2018

Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:qualcomm:fsm9055_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fsm9055:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_400:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*