1. Home
  2. CVE Database
  3. CVE-2015-9202
CRITICAL · 9.8

CVE-2015-9202

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 4...

Vulnerability Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while processing the content headers in the Playready module, a buffer overread may occur if the header count exceeds the expected value.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMdm9206 Firmware-
QualcommMdm9206-
QualcommMdm9650 Firmware-
QualcommMdm9650-
QualcommMsm8909W Firmware-
QualcommMsm8909W-
QualcommSd 210 Firmware-
QualcommSd 210-
QualcommSd 212 Firmware-
QualcommSd 212-
QualcommSd 205 Firmware-
QualcommSd 205-
QualcommSd 410 Firmware-
QualcommSd 410-
QualcommSd 412 Firmware-
QualcommSd 412-
QualcommSd 425 Firmware-
QualcommSd 425-
QualcommSd 430 Firmware-
QualcommSd 430-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2015-9202?

CVE-2015-9202 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 4...

How severe is CVE-2015-9202?

CVE-2015-9202 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2015-9202?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9206 Firmware, Qualcomm Mdm9206, Qualcomm Mdm9650 Firmware, Qualcomm Mdm9650, Qualcomm Msm8909W Firmware.