In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if an incorrect endpoint number or direction is passed, an out of bounds array access may occur in the USB management module.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9989
Reference (s):
- BID:103671
- URL: http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2018-04-01