CVE-2017-18125
Description
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers. The TEE application which uses secure camera expects those buffers to contain data captured during the current camera session. It is possible though for HLOS to put aside and reuse one or more of the protected buffers with previously captured data during next camera session. Such data reuse must be prevented as the TEE applications expects to receive valid data captured during the current session only.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
On Qualcomm Snapdragon Mobile and Wear devices, the secure camera may reuse protected buffers from previous sessions, allowing HLOS to provide stale data to TEE applications.
Vulnerability
In Android before the 2018-04-05 security patch level on Qualcomm Snapdragon Mobile and Wear platforms (including MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850), the secure camera feature stores captured data in protected buffers. The TEE application expects these buffers to contain data from the current session only. However, HLOS can set aside and reuse protected buffers from previous sessions, violating this expectation [1].
Exploitation
An attacker with control over HLOS (e.g., through a compromised system process) can reuse secure camera buffers from previous sessions, causing the TEE application to receive stale data [1].
Impact
Successful exploitation could allow a HLOS-level attacker to feed stale or previously captured data to the TEE secure camera application, potentially leading to information disclosure or incorrect processing of camera data [1].
Mitigation
Fixed in Android security patch level 2018-04-05. Users should update to the latest available patch. No workaround is mentioned in the reference [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Qualcomm, Inc./Snapdragon Mobile, Snapdragon Wearv5Range: MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.