N/A

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure.

N/A

N/A

Android Qualcomm闭源组件信息泄露漏洞

Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。Qualcomm SD 210等都是美国高通（Qualcomm）公司的中央处理器（CPU）产品。 Android 2018-04-05之前版本中的Qualcomm闭源组件存在信息泄露漏洞，该漏洞源于程序没有正确的将模块静态分配的内存设置为0。远程攻击者可利用该漏洞泄露之前打开的应用程序的信息。以下产品（用于移动设备）受到影响：Qualcomm SD 210；SD 212；SD 205

N/A

N/A