Denial of Service Vulnerability in Qualcomm Bootloader on Nexus 5 Devices

Denial of Service Vulnerability in Qualcomm Bootloader on Nexus 5 Devices

CVE-2014-9798 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 28821448 and Qualcomm internal bug CR681965.

Learn more about our Cis Benchmark Audit For Google Android.