CVE-2014-9990
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of input validation could lead to an out of bound array access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Lack of input validation in Qualcomm components on multiple Snapdragon SoCs leads to out-of-bounds array access, enabling local escalation of privilege.
Vulnerability
The vulnerability resides in Qualcomm components shipped on multiple Snapdragon Mobile and Wear SoCs (MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450) due to lack of input validation. An out-of-bounds array access can occur. Affected Android builds with security patch level before April 2018 on those SoCs are vulnerable. [1]
Exploitation
Exploitation requires local access or the ability to execute malicious code on the device. The attacker can trigger the out-of-bounds access by providing crafted input to the vulnerable component. No additional authentication is needed beyond being able to interact with the vulnerable component.
Impact
Successful exploitation could allow an attacker to escalate privileges, potentially leading to arbitrary code execution in the context of the kernel or a privileged process.
Mitigation
Fixed in Android security patch level 2018-04-05 or later. Users should update their devices to receive the patch. The bulletin includes fixes for all listed SoCs. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: before 2018-04-05 security patch level
- Range: before 2018-04-05 security patch level
- Qualcomm, Inc./Snapdragon Mobile, Snapdragon Wearv5Range: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 450
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.