Vulnerabilities > CVE-2017-18297 - Double Free vulnerability in Qualcomm products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

NVD

Published: 2018-10-23

Updated: 2018-12-07

Summary

Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.

Part	Description	Count
OS	Qualcomm Qualcomm SD 425 Firmware - Qualcomm SD 430 Firmware - Qualcomm SD 450 Firmware - Qualcomm SD 625 Firmware - Qualcomm SD 650 Firmware - Qualcomm SD 652 Firmware - Qualcomm SD 820 Firmware -	7
Hardware	Qualcomm Qualcomm SD 425 - Qualcomm SD 430 - Qualcomm SD 450 - Qualcomm SD 625 - Qualcomm SD 650 - Qualcomm SD 652 - Qualcomm SD 820 -	7