Vulnerability Details CVE-2014-9995
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2014-9995
-
cpe:2.3:h:qualcomm:sd_400:-
-
cpe:2.3:h:qualcomm:sd_800:-
-
cpe:2.3:o:qualcomm:sd_400_firmware:-
-
cpe:2.3:o:qualcomm:sd_800_firmware:-