Snapdragon Mobile
by Qualcomm
CVEs (529)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18141 | Hig | 0.51 | 7.8 | 0.00 | Jan 3, 2019 | When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions… | ||
| CVE-2018-5870 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2018 | While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24. | ||
| CVE-2018-11996 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2018 | When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD… | ||
| CVE-2018-11994 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2018 | SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A,… | ||
| CVE-2018-11264 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2018 | Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD… | ||
| CVE-2017-18315 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2018 | Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600. | ||
| CVE-2018-11884 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 | ||
| CVE-2018-11882 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | ||
| CVE-2018-11880 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | ||
| CVE-2018-11877 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | ||
| CVE-2018-11876 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | ||
| CVE-2018-11875 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. | ||
| CVE-2018-11874 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | ||
| CVE-2018-11873 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. | ||
| CVE-2018-11872 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 | ||
| CVE-2018-11871 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU,… | ||
| CVE-2018-11870 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,… | ||
| CVE-2018-11862 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | ||
| CVE-2018-11861 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | ||
| CVE-2018-11859 | Hig | 0.51 | 7.8 | 0.00 | Oct 29, 2018 | Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. |
- risk 0.51cvss 7.8epss 0.00
When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions…
- risk 0.51cvss 7.8epss 0.00
While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.
- risk 0.51cvss 7.8epss 0.00
When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD…
- risk 0.51cvss 7.8epss 0.00
SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A,…
- risk 0.51cvss 7.8epss 0.00
Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD…
- risk 0.51cvss 7.8epss 0.00
Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600.
- risk 0.51cvss 7.8epss 0.00
Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
- risk 0.51cvss 7.8epss 0.00
Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850.
- risk 0.51cvss 7.8epss 0.00
Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845.
- risk 0.51cvss 7.8epss 0.00
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660
- risk 0.51cvss 7.8epss 0.00
Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU,…
- risk 0.51cvss 7.8epss 0.00
Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,…
- risk 0.51cvss 7.8epss 0.00
Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
- risk 0.51cvss 7.8epss 0.00
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.
Page 18 of 27