Vendor CVEs
Qualcomm
All CVEs
2,042 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-5919 | 0.00 | — | 0.00 | Nov 27, 2018 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot. | |||
| CVE-2018-11874 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2018-11865 | 0.00 | — | 0.00 | Oct 29, 2018 | Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845,… | |||
| CVE-2018-11872 | 0.00 | — | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 | |||
| CVE-2018-11870 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,… | |||
| CVE-2018-11858 | 0.00 | — | 0.00 | Oct 29, 2018 | When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. | |||
| CVE-2018-11877 | 0.00 | — | 0.00 | Oct 29, 2018 | When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2018-11859 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. | |||
| CVE-2018-11884 | 0.00 | — | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 | |||
| CVE-2018-11857 | 0.00 | — | 0.00 | Oct 29, 2018 | Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850 | |||
| CVE-2018-11882 | 0.00 | — | 0.00 | Oct 29, 2018 | Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2018-11856 | 0.00 | — | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. | |||
| CVE-2018-11871 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU,… | |||
| CVE-2018-11862 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | |||
| CVE-2018-11876 | 0.00 | — | 0.00 | Oct 29, 2018 | Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2018-11866 | 0.00 | — | 0.00 | Oct 29, 2018 | Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD… | |||
| CVE-2018-11861 | 0.00 | — | 0.00 | Oct 29, 2018 | Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | |||
| CVE-2018-11873 | 0.00 | — | 0.00 | Oct 29, 2018 | Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. | |||
| CVE-2018-11875 | 0.00 | — | 0.00 | Oct 29, 2018 | Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. | |||
| CVE-2018-11867 | 0.00 | — | 0.00 | Oct 29, 2018 | Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845. | |||
| CVE-2018-11880 | 0.00 | — | 0.00 | Oct 29, 2018 | Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2018-11305 | 0.00 | — | 0.00 | Oct 26, 2018 | When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD… | |||
| CVE-2018-11854 | 0.00 | — | 0.00 | Oct 26, 2018 | Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 | |||
| CVE-2018-3588 | 0.00 | — | 0.00 | Oct 26, 2018 | There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660. | |||
| CVE-2018-11950 | 0.00 | — | 0.00 | Oct 26, 2018 | Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850 | |||
| CVE-2018-5914 | 0.00 | — | 0.00 | Oct 26, 2018 | Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD… | |||
| CVE-2018-11828 | 0.00 | — | 0.01 | Oct 26, 2018 | When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 | |||
| CVE-2018-11846 | 0.00 | — | 0.00 | Oct 26, 2018 | The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850 | |||
| CVE-2017-18311 | 0.00 | — | 0.00 | Oct 26, 2018 | XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655,… | |||
| CVE-2017-18309 | 0.00 | — | 0.00 | Oct 26, 2018 | A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850. | |||
| CVE-2018-11821 | 0.00 | — | 0.00 | Oct 26, 2018 | Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660,… | |||
| CVE-2018-11822 | 0.00 | — | 0.00 | Oct 26, 2018 | A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 | |||
| CVE-2018-11849 | 0.00 | — | 0.00 | Oct 26, 2018 | Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564,… | |||
| CVE-2018-11850 | 0.00 | — | 0.00 | Oct 26, 2018 | Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377,… | |||
| CVE-2018-11951 | 0.00 | — | 0.00 | Oct 26, 2018 | Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. | |||
| CVE-2017-18310 | 0.00 | — | 0.00 | Oct 26, 2018 | ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD… | |||
| CVE-2018-11824 | 0.00 | — | 0.00 | Oct 26, 2018 | A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660 | |||
| CVE-2018-11853 | 0.00 | — | 0.00 | Oct 26, 2018 | Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850,… | |||
| CVE-2018-5866 | 0.00 | — | 0.00 | Oct 26, 2018 | While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660. | |||
| CVE-2017-18308 | 0.00 | — | 0.00 | Oct 26, 2018 | Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430 | |||
| CVE-2017-18124 | 0.00 | — | 0.00 | Oct 26, 2018 | During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W,… | |||
| CVE-2017-18304 | 0.00 | — | 0.00 | Oct 23, 2018 | Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD… | |||
| CVE-2017-18277 | 0.00 | — | 0.00 | Oct 23, 2018 | When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,… | |||
| CVE-2017-18300 | 0.00 | — | 0.00 | Oct 23, 2018 | Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SDA660. | |||
| CVE-2017-18303 | 0.00 | — | 0.00 | Oct 23, 2018 | While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD… | |||
| CVE-2017-18171 | 0.00 | — | 0.01 | Oct 23, 2018 | Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52,… | |||
| CVE-2017-18305 | 0.00 | — | 0.00 | Oct 23, 2018 | XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835. | |||
| CVE-2017-18313 | 0.00 | — | 0.00 | Oct 23, 2018 | Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in… | |||
| CVE-2017-18293 | 0.00 | — | 0.00 | Oct 23, 2018 | When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD… | |||
| CVE-2017-18282 | 0.00 | — | 0.00 | Oct 23, 2018 | Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. |
- CVE-2018-5919Nov 27, 2018risk 0.00cvss —epss 0.00
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot.
- CVE-2018-11874Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- CVE-2018-11865Oct 29, 2018risk 0.00cvss —epss 0.00
Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845,…
- CVE-2018-11872Oct 29, 2018risk 0.00cvss —epss 0.00
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660
- CVE-2018-11870Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,…
- CVE-2018-11858Oct 29, 2018risk 0.00cvss —epss 0.00
When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.
- CVE-2018-11877Oct 29, 2018risk 0.00cvss —epss 0.00
When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- CVE-2018-11859Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.
- CVE-2018-11884Oct 29, 2018risk 0.00cvss —epss 0.00
Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
- CVE-2018-11857Oct 29, 2018risk 0.00cvss —epss 0.00
Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850
- CVE-2018-11882Oct 29, 2018risk 0.00cvss —epss 0.00
Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- CVE-2018-11856Oct 29, 2018risk 0.00cvss —epss 0.00
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.
- CVE-2018-11871Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU,…
- CVE-2018-11862Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
- CVE-2018-11876Oct 29, 2018risk 0.00cvss —epss 0.00
Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- CVE-2018-11866Oct 29, 2018risk 0.00cvss —epss 0.00
Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD…
- CVE-2018-11861Oct 29, 2018risk 0.00cvss —epss 0.00
Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
- CVE-2018-11873Oct 29, 2018risk 0.00cvss —epss 0.00
Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845.
- CVE-2018-11875Oct 29, 2018risk 0.00cvss —epss 0.00
Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850.
- CVE-2018-11867Oct 29, 2018risk 0.00cvss —epss 0.00
Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845.
- CVE-2018-11880Oct 29, 2018risk 0.00cvss —epss 0.00
Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
- CVE-2018-11305Oct 26, 2018risk 0.00cvss —epss 0.00
When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD…
- CVE-2018-11854Oct 26, 2018risk 0.00cvss —epss 0.00
Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
- CVE-2018-3588Oct 26, 2018risk 0.00cvss —epss 0.00
There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660.
- CVE-2018-11950Oct 26, 2018risk 0.00cvss —epss 0.00
Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850
- CVE-2018-5914Oct 26, 2018risk 0.00cvss —epss 0.00
Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD…
- CVE-2018-11828Oct 26, 2018risk 0.00cvss —epss 0.01
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52
- CVE-2018-11846Oct 26, 2018risk 0.00cvss —epss 0.00
The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850
- CVE-2017-18311Oct 26, 2018risk 0.00cvss —epss 0.00
XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655,…
- CVE-2017-18309Oct 26, 2018risk 0.00cvss —epss 0.00
A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.
- CVE-2018-11821Oct 26, 2018risk 0.00cvss —epss 0.00
Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660,…
- CVE-2018-11822Oct 26, 2018risk 0.00cvss —epss 0.00
A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
- CVE-2018-11849Oct 26, 2018risk 0.00cvss —epss 0.00
Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564,…
- CVE-2018-11850Oct 26, 2018risk 0.00cvss —epss 0.00
Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377,…
- CVE-2018-11951Oct 26, 2018risk 0.00cvss —epss 0.00
Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850.
- CVE-2017-18310Oct 26, 2018risk 0.00cvss —epss 0.00
ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD…
- CVE-2018-11824Oct 26, 2018risk 0.00cvss —epss 0.00
A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660
- CVE-2018-11853Oct 26, 2018risk 0.00cvss —epss 0.00
Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850,…
- CVE-2018-5866Oct 26, 2018risk 0.00cvss —epss 0.00
While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660.
- CVE-2017-18308Oct 26, 2018risk 0.00cvss —epss 0.00
Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430
- CVE-2017-18124Oct 26, 2018risk 0.00cvss —epss 0.00
During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W,…
- CVE-2017-18304Oct 23, 2018risk 0.00cvss —epss 0.00
Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD…
- CVE-2017-18277Oct 23, 2018risk 0.00cvss —epss 0.00
When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,…
- CVE-2017-18300Oct 23, 2018risk 0.00cvss —epss 0.00
Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SDA660.
- CVE-2017-18303Oct 23, 2018risk 0.00cvss —epss 0.00
While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD…
- CVE-2017-18171Oct 23, 2018risk 0.00cvss —epss 0.01
Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52,…
- CVE-2017-18305Oct 23, 2018risk 0.00cvss —epss 0.00
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.
- CVE-2017-18313Oct 23, 2018risk 0.00cvss —epss 0.00
Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in…
- CVE-2017-18293Oct 23, 2018risk 0.00cvss —epss 0.00
When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD…
- CVE-2017-18282Oct 23, 2018risk 0.00cvss —epss 0.00
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
Page 40 of 41