Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in version MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 617.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components | Third Party Advisory |
https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-10-23T13:00:00
Updated: 2018-10-23T12:57:01
Reserved: 2018-06-15T00:00:00
Link: CVE-2017-18313
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-10-23T13:29:02.837
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-18313
JSON object: View
Redhat Information
No data.
CWE