Vulnerability Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, and SDX20, integer overflow occurs when the size of the firmware section is incorrectly encoded in the firmware image.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9206 Firmware | - |
| Qualcomm | Mdm9206 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Ipq4019 Firmware | - |
| Qualcomm | Ipq4019 | - |
| Qualcomm | Ipq8064 Firmware | - |
| Qualcomm | Ipq8064 | - |
| Qualcomm | Qca4531 Firmware | - |
| Qualcomm | Qca4531 | - |
| Qualcomm | Mdm9640 Firmware | - |
| Qualcomm | Mdm9640 | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca6584 Firmware | - |
| Qualcomm | Qca6584 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103671Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
- http://www.securityfocus.com/bid/103671Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
FAQ
What is CVE-2015-9220?
CVE-2015-9220 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA65...
How severe is CVE-2015-9220?
CVE-2015-9220 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-9220?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9206 Firmware, Qualcomm Mdm9206, Qualcomm Mdm9607 Firmware, Qualcomm Mdm9607, Qualcomm Ipq4019 Firmware.