CVE-2015-9162
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function "Certificate_CreateWithBuffer" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer without setting it to NULL.
En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808 y SD 810, en la función "Certificate_CreateWithBuffer" en la aplicación TQS de QSEE, en caso de un error de asignación de memoria, se libera la memoria y se devuelve el puntero sin establecerlo como NULL.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-08-16 CVE Reserved
- 2018-04-18 CVE Published
- 2023-09-09 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103671 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://source.android.com/security/bulletin/2018-04-01 | 2018-05-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Sd 410 Firmware Search vendor "Qualcomm" for product "Sd 410 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 410 Search vendor "Qualcomm" for product "Sd 410" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 412 Firmware Search vendor "Qualcomm" for product "Sd 412 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 412 Search vendor "Qualcomm" for product "Sd 412" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 617 Firmware Search vendor "Qualcomm" for product "Sd 617 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 617 Search vendor "Qualcomm" for product "Sd 617" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 650 Firmware Search vendor "Qualcomm" for product "Sd 650 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 650 Search vendor "Qualcomm" for product "Sd 650" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 652 Firmware Search vendor "Qualcomm" for product "Sd 652 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 652 Search vendor "Qualcomm" for product "Sd 652" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 800 Firmware Search vendor "Qualcomm" for product "Sd 800 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 800 Search vendor "Qualcomm" for product "Sd 800" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 808 Firmware Search vendor "Qualcomm" for product "Sd 808 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 808 Search vendor "Qualcomm" for product "Sd 808" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 810 Firmware Search vendor "Qualcomm" for product "Sd 810 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 810 Search vendor "Qualcomm" for product "Sd 810" | - | - |
Safe
|