CVE-2017-18133

Vulnerability

An out-of-bounds read/write vulnerability exists in the ebi channel array processing within the Qualcomm bootloader or related firmware on Snapdragon Mobile and Snapdragon Wear platforms, including MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, and SD 835. The issue is addressed in the Android security patch level 2018-04-05 [1]. Affected versions include devices running Android with the specified Qualcomm chipsets prior to the 2018-04-05 patch.

Exploitation

An attacker with local kernel-level access or the ability to trigger a malformed ebi channel configuration could cause the array index to exceed its bounds. Exploitation likely requires either physical access or a previously compromised low-level subsystem that can pass crafted data to the ebi channel handler.

Impact

Successful exploitation can result in a denial of service (system crash) or potential memory corruption that may lead to arbitrary code execution at the firmware or TrustZone level, depending on the context of the affected component [1].

Mitigation

Apply the Android security patch level 2018-04-05, which includes the fix for this vulnerability [1]. No public workaround is available; users must update their devices via the OEM’s OTA or firmware update process.