VYPR

Snapdragon Mobile

by Qualcomm

CVEs (529)

  • CVE-2018-11858HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.

  • CVE-2018-11857HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850

  • CVE-2018-11856HigOct 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.

  • CVE-2018-5914HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD…

  • CVE-2018-5866HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-3588HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660.

  • CVE-2018-11950HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850

  • CVE-2018-11854HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11853HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850,…

  • CVE-2018-11850HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377,…

  • CVE-2018-11849HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564,…

  • CVE-2018-11822HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

  • CVE-2018-11821HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660,…

  • CVE-2018-11305HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD…

  • CVE-2017-18311HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655,…

  • CVE-2017-18310HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD…

  • CVE-2017-18308HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430

  • CVE-2017-18124HigOct 26, 2018
    risk 0.51cvss 7.8epss 0.00

    During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W,…

  • CVE-2017-18312HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD…

  • CVE-2017-18304HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD…

Page 19 of 27