1. Home
  2. CVE Database
  3. CVE-2017-18155
HIGH · 7.8

CVE-2017-18155

While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a...

Vulnerability Description

While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMsm8996Au Firmware-
QualcommMsm8996Au-
QualcommSd 450 Firmware-
QualcommSd 450-
QualcommSd 625 Firmware-
QualcommSd 625-
QualcommSd 820 Firmware-
QualcommSd 820-
QualcommSd 820A Firmware-
QualcommSd 820A-
QualcommSd 835 Firmware-
QualcommSd 835-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2017-18155?

CVE-2017-18155 is a vulnerability with a CVSS score of 7.8 (HIGH). While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a...

How severe is CVE-2017-18155?

CVE-2017-18155 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18155?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8996Au Firmware, Qualcomm Msm8996Au, Qualcomm Sd 450 Firmware, Qualcomm Sd 450, Qualcomm Sd 625 Firmware.