Search

Find a vulnerability

Search criteria

    228 vulnerabilities found for Snapdragon Mobile by Qualcomm, Inc.

    CVE-2022-25691 (GCVE-0-2022-25691)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-22 15:48
    VLAI
    Summary
    Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SD480
    Affected: SD695
    Affected: SDX65
    Affected: SM4375
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCN3988
    Affected: WCN3998
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.663Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25691",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:30.565171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:48:28.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD480"
                },
                {
                  "status": "affected",
                  "version": "SD695"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "SM4375"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3998"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25691",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:48:28.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25689 (GCVE-0-2022-25689)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-22 15:48
    VLAI
    Summary
    Denial of service in Modem due to reachable assertion in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.658Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25689",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:32.032923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:48:36.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in Modem due to reachable assertion in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25689",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:48:36.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25673 (GCVE-0-2022-25673)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-22 16:06
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T16:06:24.891224Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T16:06:30.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25673",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T16:06:30.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25672 (GCVE-0-2022-25672)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-22 16:07
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SD480
    Affected: SD695
    Affected: SDX65
    Affected: SM4375
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCN3988
    Affected: WCN3998
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.598Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25672",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T16:07:26.667855Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T16:07:31.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD480"
                },
                {
                  "status": "affected",
                  "version": "SD695"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "SM4375"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3998"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25672",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T16:07:31.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25671 (GCVE-0-2022-25671)

    Vulnerability from nvd – Published: 2022-11-15 00:00 – Updated: 2025-04-22 15:51
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.684Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25671",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:49.725135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:51:07.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-15T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25671",
        "datePublished": "2022-11-15T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:51:07.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33217 (GCVE-0-2022-33217)

    Vulnerability from nvd – Published: 2022-10-17 00:00 – Updated: 2025-05-14 15:15
    VLAI
    Summary
    Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Buffer copy without checking size of input in Qualcomm IPC
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-14T15:15:04.457161Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-14T15:15:23.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer copy without checking size of input in Qualcomm IPC",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33217",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-06-14T00:00:00.000Z",
        "dateUpdated": "2025-05-14T15:15:23.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25750 (GCVE-0-2022-25750)

    Vulnerability from nvd – Published: 2022-10-17 00:00 – Updated: 2025-05-13 20:05
    VLAI
    Summary
    Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Double Free in BTHOST
    • CWE-415 - Double Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T20:04:47.685092Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-415",
                    "description": "CWE-415 Double Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T20:05:06.328Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Double Free in BTHOST",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25750",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-05-13T20:05:06.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25723 (GCVE-0-2022-25723)

    Vulnerability from nvd – Published: 2022-10-17 00:00 – Updated: 2025-05-13 20:06
    VLAI
    Summary
    Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use-After-Free in Multimedia Frameworks
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:42.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25723",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T20:05:55.781960Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T20:06:07.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free in Multimedia Frameworks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25723",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-05-13T20:06:07.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22077 (GCVE-0-2022-22077)

    Vulnerability from nvd – Published: 2022-10-12 00:00 – Updated: 2025-05-15 18:41
    VLAI
    Summary
    Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use-After-Free in Graphics
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-22077",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-15T18:41:43.695113Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-15T18:41:55.597Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free in Graphics",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-22077",
        "datePublished": "2022-10-12T00:00:00.000Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2025-05-15T18:41:55.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3701 (GCVE-0-2020-3701)

    Vulnerability from nvd – Published: 2020-07-30 11:40 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Use After Free Issue in Camera Driver
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: Saipan, SM8250, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Saipan, SM8250, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use After Free Issue in Camera Driver",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-30T11:40:33.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3701",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Saipan, SM8250, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use After Free Issue in Camera Driver"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3701",
        "datePublished": "2020-07-30T11:40:33.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3623 (GCVE-0-2020-3623)

    Vulnerability from nvd – Published: 2020-06-02 15:05 – Updated: 2024-08-04 07:37
    VLAI
    Summary
    kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in Neural processing Unit
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SM8250, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SM8250, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in Neural processing Unit",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-02T15:05:46.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3623",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SM8250, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in Neural processing Unit"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3623",
        "datePublished": "2020-06-02T15:05:46.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:37:55.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18321 (GCVE-0-2017-18321)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in LTE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: MDM9650, MDM9655, SD 835, SDA660
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9650, MDM9655, SD 835, SDA660"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in LTE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9650, MDM9655, SD 835, SDA660"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in LTE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18321",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5870 (GCVE-0-2018-5870)

    Vulnerability from nvd – Published: 2018-11-28 15:00 – Updated: 2024-08-05 05:47
    VLAI
    Summary
    While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 835, SDA660, SDX24
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:47:55.923Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "105838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105838"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 835, SDA660, SDX24"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-29T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "105838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105838"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-5870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 835, SDA660, SDX24"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "105838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105838"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5870",
        "datePublished": "2018-11-28T15:00:00.000Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:47:55.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18315 (GCVE-0-2017-18315)

    Vulnerability from nvd – Published: 2018-11-28 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600.
    Severity
    No CVSS data available.
    CWE
    • Buffer Over-read in Core Services
    Assigner
    References
    Impacted products
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.285Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "105838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105838"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 600"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Over-read in Core Services",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-29T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "105838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105838"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18315",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 600"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Over-read in Core Services"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "105838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105838"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18315",
        "datePublished": "2018-11-28T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.285Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11884 (GCVE-0-2018-11884)

    Vulnerability from nvd – Published: 2018-10-29 18:00 – Updated: 2024-08-05 08:24
    VLAI
    Summary
    Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in WLAN
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 835, SD 845, SD 850, SDA660
    Create a notification for this product.
    Date Public
    2018-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:24:03.665Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "107681",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107681"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 835, SD 845, SD 850, SDA660"
                }
              ]
            }
          ],
          "datePublic": "2018-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in WLAN",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-03T10:06:07.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "107681",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107681"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-11884",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 835, SD 845, SD 850, SDA660"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in WLAN"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "107681",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107681"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11884",
        "datePublished": "2018-10-29T18:00:00.000Z",
        "dateReserved": "2018-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:24:03.665Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11882 (GCVE-0-2018-11882)

    Vulnerability from nvd – Published: 2018-10-29 18:00 – Updated: 2024-08-05 08:24
    VLAI
    Summary
    Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in WLAN
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 835, SD 845, SD 850, SDA660
    Create a notification for this product.
    Date Public
    2018-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:24:03.351Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "107681",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107681"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 835, SD 845, SD 850, SDA660"
                }
              ]
            }
          ],
          "datePublic": "2018-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in WLAN",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-03T10:06:06.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "107681",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107681"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-11882",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 835, SD 845, SD 850, SDA660"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in WLAN"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "107681",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107681"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11882",
        "datePublished": "2018-10-29T18:00:00.000Z",
        "dateReserved": "2018-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:24:03.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25673 (GCVE-0-2022-25673)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-22 16:06
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T16:06:24.891224Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T16:06:30.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25673",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T16:06:30.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25672 (GCVE-0-2022-25672)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-22 16:07
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SD480
    Affected: SD695
    Affected: SDX65
    Affected: SM4375
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCN3988
    Affected: WCN3998
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.598Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25672",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T16:07:26.667855Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T16:07:31.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD480"
                },
                {
                  "status": "affected",
                  "version": "SD695"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "SM4375"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3998"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25672",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T16:07:31.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25689 (GCVE-0-2022-25689)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-22 15:48
    VLAI
    Summary
    Denial of service in Modem due to reachable assertion in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.658Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25689",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:32.032923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:48:36.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in Modem due to reachable assertion in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25689",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:48:36.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25691 (GCVE-0-2022-25691)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-22 15:48
    VLAI
    Summary
    Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SD480
    Affected: SD695
    Affected: SDX65
    Affected: SM4375
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCN3988
    Affected: WCN3998
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.663Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25691",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:30.565171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:48:28.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD480"
                },
                {
                  "status": "affected",
                  "version": "SD695"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "SM4375"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3998"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-13T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25691",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:48:28.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25671 (GCVE-0-2022-25671)

    Vulnerability from cvelistv5 – Published: 2022-11-15 00:00 – Updated: 2025-04-22 15:51
    VLAI
    Summary
    Denial of service in MODEM due to reachable assertion in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Reachable Assertion in MODEM
    • CWE-617 - Reachable Assertion
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: AR8035
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCN6024
    Affected: QCN9024
    Affected: SD 8 Gen1 5G
    Affected: SDX65
    Affected: WCD9380
    Affected: WCN6855
    Affected: WCN6856
    Affected: WCN7850
    Affected: WCN7851
    Affected: WSA8830
    Affected: WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.684Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25671",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T14:44:49.725135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "CWE-617 Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T15:51:07.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SDX65"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCN6855"
                },
                {
                  "status": "affected",
                  "version": "WCN6856"
                },
                {
                  "status": "affected",
                  "version": "WCN7850"
                },
                {
                  "status": "affected",
                  "version": "WCN7851"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service in MODEM due to reachable assertion in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reachable Assertion in MODEM",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-15T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25671",
        "datePublished": "2022-11-15T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-04-22T15:51:07.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25750 (GCVE-0-2022-25750)

    Vulnerability from cvelistv5 – Published: 2022-10-17 00:00 – Updated: 2025-05-13 20:05
    VLAI
    Summary
    Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Double Free in BTHOST
    • CWE-415 - Double Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T20:04:47.685092Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-415",
                    "description": "CWE-415 Double Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T20:05:06.328Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Double Free in BTHOST",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25750",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-05-13T20:05:06.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25723 (GCVE-0-2022-25723)

    Vulnerability from cvelistv5 – Published: 2022-10-17 00:00 – Updated: 2025-05-13 20:06
    VLAI
    Summary
    Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use-After-Free in Multimedia Frameworks
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:42.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25723",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T20:05:55.781960Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T20:06:07.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free in Multimedia Frameworks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-25723",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2025-05-13T20:06:07.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-33217 (GCVE-0-2022-33217)

    Vulnerability from cvelistv5 – Published: 2022-10-17 00:00 – Updated: 2025-05-14 15:15
    VLAI
    Summary
    Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Buffer copy without checking size of input in Qualcomm IPC
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T08:01:20.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-33217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-14T15:15:04.457161Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-14T15:15:23.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer copy without checking size of input in Qualcomm IPC",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-33217",
        "datePublished": "2022-10-17T00:00:00.000Z",
        "dateReserved": "2022-06-14T00:00:00.000Z",
        "dateUpdated": "2025-05-14T15:15:23.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22077 (GCVE-0-2022-22077)

    Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-15 18:41
    VLAI
    Summary
    Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use-After-Free in Graphics
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-22077",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-15T18:41:43.695113Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-15T18:41:55.597Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free in Graphics",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-19T00:00:00.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2022-22077",
        "datePublished": "2022-10-12T00:00:00.000Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2025-05-15T18:41:55.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3701 (GCVE-0-2020-3701)

    Vulnerability from cvelistv5 – Published: 2020-07-30 11:40 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Use After Free Issue in Camera Driver
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: Saipan, SM8250, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Saipan, SM8250, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use After Free Issue in Camera Driver",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-30T11:40:33.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3701",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Saipan, SM8250, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use After Free Issue in Camera Driver"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3701",
        "datePublished": "2020-07-30T11:40:33.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3623 (GCVE-0-2020-3623)

    Vulnerability from cvelistv5 – Published: 2020-06-02 15:05 – Updated: 2024-08-04 07:37
    VLAI
    Summary
    kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in Neural processing Unit
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SM8250, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SM8250, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in Neural processing Unit",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-02T15:05:46.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3623",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SM8250, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in Neural processing Unit"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3623",
        "datePublished": "2020-06-02T15:05:46.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:37:55.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18321 (GCVE-0-2017-18321)

    Vulnerability from cvelistv5 – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in LTE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: MDM9650, MDM9655, SD 835, SDA660
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9650, MDM9655, SD 835, SDA660"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in LTE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9650, MDM9655, SD 835, SDA660"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in LTE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18321",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5870 (GCVE-0-2018-5870)

    Vulnerability from cvelistv5 – Published: 2018-11-28 15:00 – Updated: 2024-08-05 05:47
    VLAI
    Summary
    While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile Affected: SD 835, SDA660, SDX24
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:47:55.923Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "105838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105838"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 835, SDA660, SDX24"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-29T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "105838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105838"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-5870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 835, SDA660, SDX24"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "105838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105838"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5870",
        "datePublished": "2018-11-28T15:00:00.000Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:47:55.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18315 (GCVE-0-2017-18315)

    Vulnerability from cvelistv5 – Published: 2018-11-28 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600.
    Severity
    No CVSS data available.
    CWE
    • Buffer Over-read in Core Services
    Assigner
    References
    Impacted products
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.285Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "105838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105838"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 600"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Over-read in Core Services",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-29T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "105838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105838"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18315",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 600"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Over-read in Core Services"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "105838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105838"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18315",
        "datePublished": "2018-11-28T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.285Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }