Uninitialized Variable in TrustZone System Call: A Potential Threat to Secure Memory in Qualcomm Android Devices

Uninitialized Variable in TrustZone System Call: A Potential Threat to Secure Memory in Qualcomm Android Devices

CVE-2014-9979 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.