QRD Android
by Qualcomm
CVEs (132)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15853 | Med | 0.34 | 5.3 | 0.00 | Apr 3, 2018 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the… | ||
| CVE-2017-15837 | Med | 0.34 | 5.3 | 0.00 | Apr 3, 2018 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read… | ||
| CVE-2016-5858 | Med | 0.31 | 4.7 | 0.01 | Aug 16, 2017 | In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | ||
| CVE-2016-5855 | Med | 0.31 | 4.7 | 0.00 | Aug 16, 2017 | In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. | ||
| CVE-2016-5347 | Med | 0.31 | 4.7 | 0.01 | Aug 16, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | ||
| CVE-2017-0533 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0459 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2018-12011 | 0.00 | — | 0.00 | Feb 11, 2019 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure. | |||
| CVE-2018-11962 | 0.00 | — | 0.00 | Feb 11, 2019 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory. | |||
| CVE-2018-13889 | 0.00 | — | 0.00 | Feb 11, 2019 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed | |||
| CVE-2018-11964 | 0.00 | — | 0.00 | Dec 20, 2018 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue. | |||
| CVE-2018-11984 | 0.00 | — | 0.00 | Dec 20, 2018 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver. |
- risk 0.34cvss 5.3epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the…
- risk 0.34cvss 5.3epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read…
- risk 0.31cvss 4.7epss 0.01
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
- risk 0.31cvss 4.7epss 0.00
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.
- risk 0.31cvss 4.7epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- CVE-2018-12011Feb 11, 2019risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure.
- CVE-2018-11962Feb 11, 2019risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.
- CVE-2018-13889Feb 11, 2019risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed
- CVE-2018-11964Dec 20, 2018risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.
- CVE-2018-11984Dec 20, 2018risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver.
Page 7 of 7