CVE-2014-9901
high
CVSS v3
7.5
CVSS v2
7.8
VIR risk
7.5
Description
The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via crafted frames, aka Android internal bug 28670333 and Qualcomm internal bug CR548711.
Predictions
Exploit likelihood
83%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: security@android.com — https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=637f0f7931dd7265ac1c250dc2884d6389c66bde
Vendor advisory: security@android.com — http://source.android.com/security/bulletin/2016-08-01.html
References
- http://source.android.com/security/bulletin/2016-08-01.html
- http://www.securityfocus.com/bid/92247
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=637f0f7931dd7265ac1c250dc2884d6389c66bde
- http://source.android.com/security/bulletin/2016-08-01.html
- http://www.securityfocus.com/bid/92247
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=637f0f7931dd7265ac1c250dc2884d6389c66bde
CWEs
CWE-284
Verify integrity in audit chain (admin only). AS-IS.