Vulnerabilities > CVE-2015-9222 - Resource Management Errors vulnerability in Qualcomm products
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, processing erroneous bitstreams may result in a HW freeze. FW should detect the HW freeze based on watchdog timer, but because the watchdog timer is not enabled, an infinite loop occurs, resulting in a device freeze.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass. CVE-2015-9222. Webapps exploit for hardware platform |
file | exploits/hardware/webapps/39739.py |
id | EDB-ID:39739 |
last seen | 2016-04-27 |
modified | 2016-04-27 |
platform | hardware |
port | |
published | 2016-04-27 |
reporter | Milad Doorbash |
source | https://www.exploit-db.com/download/39739/ |
title | Multiple Vendors RomPager <= 4.34 - Misfortune Cookie Router Authentication Bypass |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/136831/rompager-bypass.txt |
id | PACKETSTORM:136831 |
last seen | 2016-12-05 |
published | 2016-04-27 |
reporter | Milad Doorbash |
source | https://packetstormsecurity.com/files/136831/RomPager-4.34-Authentication-Bypass.html |
title | RomPager 4.34 Authentication Bypass |