CVE-2017-18125
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers. The TEE application which uses secure camera expects those buffers to contain data captured during the current camera session. It is possible though for HLOS to put aside and reuse one or more of the protected buffers with previously captured data during next camera session. Such data reuse must be prevented as the TEE applications expects to receive valid data captured during the current session only.
En Android, antes del nivel de parche de seguridad del 2018-04-05 en Qualcomm Snapdragon Mobile y Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845 y SD 850, cuando secure camera está activado, almacena los datos capturados en búfers protegidos. La aplicación TEE que emplea secure camera espera que esos búfers contengan datos capturados durante la sesión de cámara actual. Sin embargo, es posible que HLOS deje a un lado y reutilice uno o más búfers protegidos con datos previamente capturados durante la próxima sesión de cámara. Debe evitarse la reutilización de datos, ya que la aplicación TEE espera recibir datos válidos capturados solo durante la sesión actual.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-02-05 CVE Reserved
- 2018-04-11 CVE Published
- 2024-02-10 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-384: Session Fixation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103671 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://source.android.com/security/bulletin/2018-04-01 | 2018-05-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Mdm9206 Firmware Search vendor "Qualcomm" for product "Mdm9206 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9206 Search vendor "Qualcomm" for product "Mdm9206" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9607 Firmware Search vendor "Qualcomm" for product "Mdm9607 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9607 Search vendor "Qualcomm" for product "Mdm9607" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9650 Firmware Search vendor "Qualcomm" for product "Mdm9650 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9650 Search vendor "Qualcomm" for product "Mdm9650" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 210 Firmware Search vendor "Qualcomm" for product "Sd 210 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 210 Search vendor "Qualcomm" for product "Sd 210" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 212 Firmware Search vendor "Qualcomm" for product "Sd 212 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 212 Search vendor "Qualcomm" for product "Sd 212" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 205 Firmware Search vendor "Qualcomm" for product "Sd 205 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 205 Search vendor "Qualcomm" for product "Sd 205" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 835 Firmware Search vendor "Qualcomm" for product "Sd 835 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 835 Search vendor "Qualcomm" for product "Sd 835" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 845 Firmware Search vendor "Qualcomm" for product "Sd 845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 845 Search vendor "Qualcomm" for product "Sd 845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 850 Firmware Search vendor "Qualcomm" for product "Sd 850 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 850 Search vendor "Qualcomm" for product "Sd 850" | - | - |
Safe
|