VARIoT IoT vulnerabilities database

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9615 and others are central processing unit (CPU) products of Qualcomm (Qualcomm). There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this to execute arbitrary code on the system by using the audio buffer. The following products (for mobile devices) are affected: Qualcomm MDM9615; MDM9625; MDM9635M; SD 400; SD 600; SD 800

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a crypto API function, a buffer over-read can occur. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer error vulnerability in the crypto API function of the Qualcomm closed-source component in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to obtain sensitive information by sending a specially crafted request (buffer out-of-bounds read)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation OEMCrypto_GetRandom can cause potential buffer overflow. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed-source components in versions prior to Android 2018-04-05. The vulnerability stems from the fact that the program does not perform input validation. A remote attacker could exploit this vulnerability to execute arbitrary code on the system

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, a buffer over-read can occur in a DRM API. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). DRM API is one of the Digital Rights Management APIs (Application Programming Interface). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The DRM API in Android versions prior to 2018-04-05 has a buffer out-of-bounds read vulnerability. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm IPQ4019 and so on are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A buffer error vulnerability exists in Qualcomm closed-source components in versions prior to Android 2018-04-05. A remote attacker could exploit this vulnerability to compromise a dynamically protected security zone. The following products (for automotive and mobile devices) are affected: Qualcomm IPQ4019; MDM9625; MDM9635M; MDM9640; MDM9650; MDM9655; SD 210; SD 212; SD 205; ; SD 800; SD 808; SD 810; SD 820; SD 820A

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if start_addr + size is too large in boot_clobber_check_local_address_range(), an integer overflow occurs, resulting in clobber protection check being bypassed and SBL memory corruption. plural Qualcomm Run on product Android Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm IPQ4019 and so on are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An integer overflow vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker can exploit this vulnerability by sending a specially crafted value to bypass security protection detection and cause SBL memory corruption. The following products (used in mobile devices and watches) are affected: Qualcomm IPQ4019; MDM9206; MDM9607; MDM9615; MDM9625; MDM9635M; MSM8909W; /16; SD 415; SD 808; SD 810

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, when making a high speed Dual Carrier Downlink Data call in a multicell environment, a buffer overflow may occur. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request. The following products (for mobile devices and watches) are affected: Qualcomm MDM9206; MDM9607; MDM9635M; MSM8909W; SD 210; SD 212; SD 205; SD 400; SD 410/12; SD 425; SD 415; SD 617; SD 800; SD 808; SD 810

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9650, MDM9655, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, HLOS can cause a buffer overflow to occur. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). QTEE syscall handler is one of the QTEE system call handlers. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in the QTEE syscall handler of the Qualcomm closed-source component in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to execute arbitrary code on the system

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of validation of the return value prior to using for buffer allocation in QSEE application, TQS, may result in memory overwrite. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm SD 410, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm). There is a buffer error vulnerability in Qualcomm closed-source components in versions before Android 2018-04-05. The vulnerability is caused by the program not validating the return value before allocating the buffer. A remote attacker could exploit this vulnerability to overwrite memory. The following products (for mobile devices) are affected: Qualcomm SD 410/12; SD 617; SD 650/52; SD 800; SD 808; SD 810

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, missing of return value check in memscpy can cause memory corruption in TQS App. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm SD 410, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm). There is a buffer error vulnerability in Qualcomm closed-source components in versions before Android 2018-04-05. The vulnerability is caused by the fact that the memscpy function does not detect the return value. A remote attacker could exploit this vulnerability to cause a denial of service (memory corruption)

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The Qualcomm closed-source component in Android versions before 2018-04-05 has a buffer out-of-bounds read vulnerability. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing a private frame in an ID3 tag, a buffer over-read can occur when comparing frame data with predefined owner identifier strings. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The Qualcomm closed-source component in Android versions before 2018-04-05 has a buffer out-of-bounds read vulnerability. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. The following products (cars, phones, and watches) are affected: Qualcomm MDM9206; Qualcomm MDM9607; Qualcomm MDM9650; Qualcomm SD 210; Qualcomm SD 212; Qualcomm SD 205; Qualcomm SD 425; Qualcomm SD 430; Qualcomm SD 450; Qualcomm SD 415; Qualcomm SD 617; Qualcomm SD 625; Qualcomm SD 650/52; Qualcomm SD 808; Qualcomm SD 820; Qualcomm SD 820A;

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event. When processing subsequent events, a Use After Condition will occur. plural Qualcomm Run on product Android Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MSM8909W, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm). Qualcomm closed-source components in versions prior to Android 2018-04-05 have a use-after-free vulnerability. A remote attacker could exploit this vulnerability to gain access. The following products (for mobile devices and watches) are affected: Qualcomm MSM8909W; SD 210; SD 212; SD 205; SD 450; SD 615/16; SD 415; SD 625; SD 650/52; SD 820; SD 835; SD 845

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free condition can occur in RIL while handling requests from Android. plural Qualcomm Run on product Android Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MSM8909W, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm). Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. The following products (used in phones and watches) are affected: Qualcomm MSM8909W; Qualcomm SD 210; Qualcomm SD 212; Qualcomm SD 205; Qualcomm SD 450; Qualcomm SD 615/16; Qualcomm SD 415; Qualcomm SD 625; Qualcomm SD 650/52 ; Qualcomm SD 820; Qualcomm SD 835; Qualcomm SD 845

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy(). plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in the 'memcpy()' function call of the Qualcomm closed-source component in the Android version before 2018-04-05. The vulnerability is caused by the fact that the program does not verify the extracted name_len and value_len values. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. The following products (used in phones and watches) are affected: Qualcomm MSM8909W; Qualcomm SD 210; Qualcomm SD 212; Qualcomm SD 205; Qualcomm SD 430; Qualcomm SD 450; Qualcomm SD 625; Qualcomm SD 650/52; SD 835; Qualcomm SD 845

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains. plural Qualcomm Run on product Android Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A security vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. An attacker can exploit this vulnerability to control the network protocol accelerator channel of the security domain. The following products (used in cars and mobile phones) are affected: Qualcomm MDM9206; Qualcomm MDM9607; Qualcomm SD 845; Qualcomm MSM8996Qualcomm MSM8998

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket, which can lead to a buffer overflow when the sample buffer is copied to the logPacket buffer. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9650, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions before 2018-04-05. An attacker could exploit this vulnerability to execute code or cause a denial of service. The following products (used in mobile phones) are affected: Qualcomm MDM9650; Qualcomm MDM9655; Qualcomm SD 835; Qualcomm SD 845; Qualcomm SD 850

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Both Qualcomm SD 400 and Qualcomm SD 800 are central processing unit (CPU) products of Qualcomm (Qualcomm). A buffer overflow vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. The following products (mobile devices) are affected: Qualcomm SD 400; Qualcomm SD 800

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm IPQ4019 and so on are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A buffer overflow vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request. The following products (used in automobiles, mobile devices, and watches) are affected: Qualcomm IPQ4019; IPQ8064; MDM9206; MDM9607; MDM9635M; MDM9640; MDM9650; QCA9886; QCA9980; SD 210; SD 212; SD 205; SD 425; SD 625; SD 808; SD 810; SD 820; SDX20

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, missing array index checks on app index in function qcril_uim_clear_encrypted_pin results in accessing addresses outside the bounds of the buffer when app index is too large. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability is caused by not performing array index detection on the application index in the 'qcril_uim_clear_encrypted_pin' function. A remote attacker could exploit this vulnerability to execute arbitrary code on the system