| Title | 複数の Qualcomm 製品上で稼動する Android におけるアクセス制御に関する脆弱性 |
|---|---|
| Summary | 複数の Qualcomm 製品上で稼動する Android には、アクセス制御に関する脆弱性が存在します。 |
| Possible impacts | 情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | April 2, 2018, midnight |
| Registration Date | May 29, 2018, 6:25 p.m. |
| Last Update | May 29, 2018, 6:25 p.m. |
| CVSS3.0 : 緊急 | |
| Score | 9.8 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVSS2.0 : 危険 | |
| Score | 10 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| クアルコム |
| MDM9640 ファームウェア |
| MDM9650 ファームウェア |
| MSM8937 ファームウェア |
| MSM8952 ファームウェア |
| MSM8976 ファームウェア |
| SDM 630 ファームウェア |
| SDM845 ファームウェア |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2018年05月29日] 掲載 |
May 29, 2018, 6:25 p.m. |
| Summary | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code. |
|---|---|
| Publication Date | April 18, 2018, 11:29 p.m. |
| Registration Date | Jan. 26, 2021, 2:05 p.m. |
| Last Update | Nov. 21, 2024, 11:44 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:msm8976_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:msm8976:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:msm8976_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:msm8976:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:msm8952_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:msm8952:-:*:*:*:*:*:*:* | ||||