CVE-2015-9167
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer underflow in Qualcomm EMM command on multiple Snapdragon platforms could lead to memory corruption, fixed in Android April 2018 update.
Vulnerability
An integer underflow vulnerability exists in the EMM (Embedded Multi-Media Controller) command handling on Qualcomm Snapdragon chipsets. The affected chipsets include SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A [1]. The vulnerability occurs in Android versions prior to the 2018-04-05 security patch level [1]. The integer underflow can be triggered when processing a specially crafted EMM command, leading to memory corruption.
Exploitation
Exploitation requires the ability to send a malicious EMM command to the device, which likely necessitates local access or a privileged position within the system. The exact exploitation steps are not detailed in the available references, but the integer underflow can cause a buffer overflow or other memory corruption, potentially allowing an attacker to write controlled data to unintended memory locations [1].
Impact
Successful exploitation could result in memory corruption, which may lead to arbitrary code execution or denial of service. The attacker could potentially escalate privileges or cause the device to crash [1].
Mitigation
This vulnerability is fixed by applying the Android security patch level of 2018-04-05 or later [1]. Users should update their devices to the latest security patch available from their device manufacturer.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Qualcomm, Inc./Snapdragon Automobile, Snapdragon Mobilev5Range: SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.