CVE-2015-9179

https://notcve.org/view.php?id=CVE-2015-9179

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile MSM8974, la falta de comprobación de longitud en OEMCrypto_DeriveKeysFromSessionKey() podría conducir a una vulnerabilidad de desbordamiento de búfer. • http://www.securityfocus.com/bid/103671 https://source.android.com/security/bulletin/2018-04-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •