MOABI : Continuous Software Improvement

CVE-2015-9143
Description	In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC with a very large meta offset (>size of default CDT-array compiled in bootloader) for one of the CDBs, a buffer overflow occurs.
Impact	CVSS v3 : 9.8 CRITICAL CVSS v2 : 10 HIGH
Type	CWE-119
Attack Vector	CVSSv2 Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://www.securityfocus.com/bid/103671 https://source.android.com/security/bulletin/2018-04-01