Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
FAQ
What is CVE-2014-9971?
CVE-2014-9971 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
How severe is CVE-2014-9971?
CVE-2014-9971 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-9971?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.