CVE-2015-9221
CRITICALQualcomm SD 400, SD 800, and SD 810 Firmware - Untrusted Pointer Dereference
Title source: llmDescription
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 800, and SD 810, lack of validation of pointers passed by secure apps could lead to an untrusted pointer dereference.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2018-04-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103671
Scores
CVSS v3
9.8
EPSS
0.0018
EPSS Percentile
38.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-476
Status
published
Products (3)
qualcomm/sd_400_firmware
qualcomm/sd_800_firmware
qualcomm/sd_810_firmware
Published
Apr 18, 2018
Tracked Since
Feb 18, 2026