In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which later results in a buffer overflow.
[
{
"product": "Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9625, MDM9635M, SD 400, SD 800"
}
]
}
]