CVE-2017-18155
HIGHQualcomm Msm8996au Firmware - Improper Input Validation
Title source: ruleDescription
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Scores
CVSS v3
7.8
EPSS
0.0010
EPSS Percentile
27.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (6)
qualcomm/msm8996au_firmware
qualcomm/sd_450_firmware
qualcomm/sd_625_firmware
qualcomm/sd_820_firmware
qualcomm/sd_820a_firmware
qualcomm/sd_835_firmware
Published
Jul 12, 2018
Tracked Since
Feb 18, 2026