QRD Android
by Qualcomm
CVEs (132)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8487 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724. | ||
| CVE-2016-10299 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32577244. | ||
| CVE-2015-9012 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691. | ||
| CVE-2015-9010 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101. | ||
| CVE-2015-9009 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600. | ||
| CVE-2015-9008 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689. | ||
| CVE-2014-9959 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36383694. | ||
| CVE-2014-9958 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384774. | ||
| CVE-2014-9957 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36387564. | ||
| CVE-2014-9956 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611. | ||
| CVE-2014-9955 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686. | ||
| CVE-2014-9954 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36388559. | ||
| CVE-2014-9953 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2018 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770. | ||
| CVE-2017-18147 | Cri | 0.64 | 9.8 | 0.01 | Apr 3, 2018 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated. | ||
| CVE-2017-14881 | Cri | 0.64 | 9.8 | 0.01 | Mar 30, 2018 | While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur. | ||
| CVE-2017-14876 | Cri | 0.64 | 9.8 | 0.01 | Mar 30, 2018 | In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write. | ||
| CVE-2016-10380 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. | ||
| CVE-2016-10347 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated. | ||
| CVE-2016-10346 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | ||
| CVE-2016-10343 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak. |
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32577244.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36383694.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384774.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36387564.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36388559.
- risk 0.64cvss 9.8epss 0.01
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770.
- risk 0.64cvss 9.8epss 0.01
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated.
- risk 0.64cvss 9.8epss 0.01
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
- risk 0.64cvss 9.8epss 0.01
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.
Page 1 of 7