cvelist/2017/15xxx/CVE-2017-15828.json

{
    "CVE_data_meta": {
        "ASSIGNER": "product-security@qualcomm.com",
        "ID": "CVE-2017-15828",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "All Android releases from CAF using the Linux kernel"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Integer Overflow to Buffer Overflow vulnerability in Bootloader"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin",
                "refsource": "CONFIRM",
                "url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
            },
            {
                "name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=86ea9e5dd16d918f8960067157012cc15176f82f",
                "refsource": "CONFIRM",
                "url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=86ea9e5dd16d918f8960067157012cc15176f82f"
            }
        ]
    }
}