CVE-2018-3593
Description
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, repeated enable/disable eMBMS requests may result in a double free condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Repeated eMBMS enable/disable requests on Qualcomm Snapdragon platforms cause a double-free condition, leading to memory corruption.
Vulnerability
In Android before the 2018-04-05 security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear platforms (MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845), a memory management bug exists in the handling of eMBMS (evolved Multimedia Broadcast Multicast Service) requests. Specifically, repeatedly enabling and disabling an eMBMS session can trigger a double-free condition [1]. This occurs because the system does not properly validate state transitions, allowing the same memory region to be freed twice.
Exploitation
An attacker requires the ability to send repeated eMBMS enable and disable requests to the device, which may be achievable from a local application with sufficient permissions (such as carrier-specific apps or root processes). No user interaction beyond the initial trigger is needed. The attack does not require physical proximity; it can be performed over the cellular network if the device is configured to receive eMBMS broadcasts. The sequence involves interleaving enable() and disable() calls on the eMBMS service before the first disable properly cleans up resources [1].
Impact
Successful exploitation results in a double-free memory corruption. This can lead to a denial of service (system crash or reboot) or potentially arbitrary code execution in the kernel context, as memory corruption in the kernel is a common vector for privilege escalation. The attacker could gain elevated privileges sufficient to compromise the entire device [1].
Mitigation
Google released a fix as part of the Android Security Bulletin for April 2018 (security patch level 2018-04-05). Users should apply the OTA update or flash the updated system image for their device. There is no known workaround for unpatched devices. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of the available references [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Qualcomm, Inc./Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear (v5). Range: MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845
References
- www.securityfocus.com/bid/103671 (mitre; vdb-entry, x_refsource_BID)
- source.android.com/security/bulletin/2018-04-01 (mitre; x_refsource_CONFIRM)