CVE-2015-9181
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, in a crypto API function, a buffer over-read can occur.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer over-read in a Qualcomm crypto API function on multiple Snapdragon platforms could lead to information disclosure.
Vulnerability
A buffer over-read vulnerability exists in a Qualcomm cryptographic API function used in Android devices. The affected platforms include Snapdragon Automobile, Mobile, and Wear chipsets: MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835. The issue is present in Android versions before the 2018-04-05 security patch level [1].
Exploitation
An attacker with local access to the device or a malicious application could trigger the buffer over-read by invoking the vulnerable crypto API function. No additional privileges are required beyond normal user-level access, as the function is accessible to applications [1].
Impact
Successful exploitation results in information disclosure, potentially exposing sensitive data such as cryptographic keys or other memory contents. The over-read could leak data from adjacent memory regions, compromising confidentiality [1].
Mitigation
The vulnerability is fixed in the Android security patch level dated 2018-04-05 or later. Users should ensure their devices receive this update. No workaround is available; applying the patch is the only mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Qualcomm, Inc./Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wearv5Range: MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.