CVE-2015-9199

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used.
References
Link Resource
http://www.securityfocus.com/bid/103671 Third Party Advisory VDB Entry
https://source.android.com/security/bulletin/2018-04-01 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9625:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sd_400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_400:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sd_808_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_808:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-04-18 14:29

Updated : 2024-02-28 16:25


NVD link : CVE-2015-9199

Mitre link : CVE-2015-9199

CVE.ORG link : CVE-2015-9199


JSON object : View

Products Affected

qualcomm

  • sd_205
  • sd_616
  • sd_410
  • sd_212_firmware
  • mdm9655_firmware
  • mdm9640
  • mdm9655
  • sd_210_firmware
  • sd_820_firmware
  • sd_800
  • ipq4019
  • mdm9640_firmware
  • mdm9625
  • mdm9635m_firmware
  • sd_205_firmware
  • sd_615_firmware
  • sd_800_firmware
  • mdm9635m
  • mdm9650
  • ipq4019_firmware
  • sd_415
  • sd_400_firmware
  • sd_810_firmware
  • sd_400
  • sd_210
  • sd_212
  • sd_410_firmware
  • sd_415_firmware
  • sd_412
  • mdm9625_firmware
  • sd_412_firmware
  • sd_615
  • sd_808_firmware
  • sd_820
  • mdm9650_firmware
  • sd_810
  • sd_820a_firmware
  • sd_820a
  • sd_808
  • sd_616_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer