Skip to main content

Numeric Errors

CVE-2015-8888

Severity High
Score 7.8/10

Summary

Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to bypass intended access restrictions via a crafted block count and block size of a sparse header, aka Android internal bug 28822465 and Qualcomm internal bug CR813933.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • REQUIRED
  • NONE
  • HIGH
  • HIGH

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

  • Published