← back
CVE-2014-9795

CVE-2014-9795

EPSS 0.6%
app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bug CR681957, a related issue to CVE-2014-4325.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://source.android.com/security/bulletin/2016-07-01.htmlhttps://source.codeaurora.org/quic/la/kernel/lk/commit/?id=ce2a0ea1f14298abc83729f3a095adab43342342https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=fc3b31f81a1c128c2bcc745564a075022cd72a2ehttp://www.securityfocus.com/bid/91628