ID
VAR-201809-0051
CVE
CVE-2017-18302
TITLE
Snapdragon Race condition vulnerability
Trust: 0.8
DESCRIPTION
In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory passed to a QSEE application between the time of check and the time of use, resulting in arbitrary writes to TZ kernel memory regions. Snapdragon (Automobile and Mobile) Contains a race condition vulnerability.Information may be tampered with. Qualcomm MSM8996AU, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. A security vulnerability exists in Ontario_Driver_loctl in several Qualcomm Snapdragon products. An attacker can use a specially crafted HLOS client to exploit this vulnerability to change the frame in memory, thereby writing arbitrary content to the TZ kernel memory area. The following products (automotive and mobile) are affected: Qualcomm MSM8996AU; SD 425; SD 427; SD 430; SD 435; SD 450; SD 625; SD 650/52; SD 820; SD 820A; SD 835; SDM439; SDM630; SDM632; SDM636; SDM660; Snapdragon_High_Med_2016
Trust: 1.8
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | sdm439 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sda660 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sdm636 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sdm660 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sdm632 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd820a | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sdm429 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd835 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd820 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sdm630 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | msm8996au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd435 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd652 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd427 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd625 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd650 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd450 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd425 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd430 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8996au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 425 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 427 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 430 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 435 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 450 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 625 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 650 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 652 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 820 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 820a | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 835 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sda 660 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 429 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 439 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 630 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 632 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 636 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sdm 660 | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-362 | Trust: 1.9 |
THREAT TYPE
local
Trust: 0.6
TYPE
competitive condition
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Android のセキュリティに関する公開情報 - 2018 年 8 月 | url: | https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components | Trust: 0.8 |
| title: | September 2018 Qualcomm Technologies, Inc. Security Bulletin | url: | https://www.qualcomm.com/company/product-security/bulletins | Trust: 0.8 |
| title: | Multiple Qualcomm Snapdragon Product security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85086 | Trust: 0.6 |
| title: | Android Security Bulletins: Android Security Bulletin—August 2018 | url: | https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=746dc14fcd3f5e139648cfdc9d9039a9 | Trust: 0.1 |
| title: | SamsungReleaseNotes | url: | https://github.com/samreleasenotes/SamsungReleaseNotes | Trust: 0.1 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2017-18302 | Trust: 2.6 |
| db: | SECTRACK | id: | 1041432 | Trust: 1.2 |
| db: | JVNDB | id: | JVNDB-2017-014292 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201809-973 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-109411 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2017-18302 | Trust: 0.1 |
REFERENCES
| url: | https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components | Trust: 1.8 |
| url: | https://www.qualcomm.com/company/product-security/bulletins | Trust: 1.8 |
| url: | http://www.securitytracker.com/id/1041432 | Trust: 1.2 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18302 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-18302 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/362.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://source.android.com/security/bulletin/2018-08-01.html | Trust: 0.1 |
| url: | https://github.com/samreleasenotes/samsungreleasenotes | Trust: 0.1 |
SOURCES
| db: | VULHUB | id: | VHN-109411 |
| db: | VULMON | id: | CVE-2017-18302 |
| db: | JVNDB | id: | JVNDB-2017-014292 |
| db: | CNNVD | id: | CNNVD-201809-973 |
| db: | NVD | id: | CVE-2017-18302 |
LAST UPDATE DATE
2024-11-23T20:11:37.755000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-109411 | date: | 2018-11-23T00:00:00 |
| db: | VULMON | id: | CVE-2017-18302 | date: | 2018-11-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-014292 | date: | 2018-12-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201809-973 | date: | 2018-09-21T00:00:00 |
| db: | NVD | id: | CVE-2017-18302 | date: | 2024-11-21T03:19:48.723 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-109411 | date: | 2018-09-20T00:00:00 |
| db: | VULMON | id: | CVE-2017-18302 | date: | 2018-09-20T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-014292 | date: | 2018-12-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201809-973 | date: | 2018-09-21T00:00:00 |
| db: | NVD | id: | CVE-2017-18302 | date: | 2018-09-20T13:29:00.510 |