Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for fsm9055 by qualcomm

    VAR-201905-0696

    Vulnerability from variot - Updated: 2025-01-30 21:37

    Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016. Small Cell SoC , Snapdragon Mobile , Snapdragon Wear Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78240792, A-78240715, A-78240449, A-78240612, A-78240794, A-78240199, A-78240071, A-78240736, A-78242049, A-78241971, A-78241834, A-78241375, A-68989823, A-72951265, A-74235874, A-74236406, A-77485022, A-77485183, A-77485139, A-77483830, and A-77484449. Qualcomm MDM9206 is a central processing unit (CPU) product of Qualcomm (Qualcomm). A security vulnerability exists in several Qualcomm products due to the lack of a check of the buffer length before the copy is made

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0696",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fsm9955",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9880",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9886",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9558",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9563",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9955",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "104760"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9955_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "104760"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-18279",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18279",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109385",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18279",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-18279",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18279",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18279",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-150",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109385",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18279",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016. Small Cell SoC , Snapdragon Mobile , Snapdragon Wear Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-78240792, A-78240715, A-78240449, A-78240612, A-78240794, A-78240199, A-78240071, A-78240736, A-78242049, A-78241971, A-78241834, A-78241375, A-68989823, A-72951265, A-74235874, A-74236406, A-77485022, A-77485183, A-77485139, A-77483830, and A-77484449. Qualcomm MDM9206 is a central processing unit (CPU) product of Qualcomm (Qualcomm). A security vulnerability exists in several Qualcomm products due to the lack of a check of the buffer length before the copy is made",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "BID",
            "id": "104760"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18279",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "104760",
            "trust": 0.3
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "db": "BID",
            "id": "104760"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "id": "VAR-201905-0696",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          }
        ],
        "trust": 0.02
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T21:37:14.837000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "May 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92296"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18279"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18279"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.3,
            "url": "https://source.android.com/security/bulletin/2018-07-01"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/190.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-07-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "db": "BID",
            "id": "104760"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "db": "BID",
            "id": "104760"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "date": "2018-07-02T00:00:00",
            "db": "BID",
            "id": "104760"
          },
          {
            "date": "2019-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "date": "2019-05-06T23:29:00.783000",
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109385"
          },
          {
            "date": "2021-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18279"
          },
          {
            "date": "2018-07-02T00:00:00",
            "db": "BID",
            "id": "104760"
          },
          {
            "date": "2019-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          },
          {
            "date": "2024-11-21T03:19:45.350000",
            "db": "NVD",
            "id": "CVE-2017-18279"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014458"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-150"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201810-0048

    Vulnerability from variot - Updated: 2024-11-23 21:52

    During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Core in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0048",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-18124",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18124",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109215",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18124",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18124",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18124",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1278",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109215",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18124",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Core in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18124",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-109215",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "id": "VAR-201810-0048",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:46.156000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86350"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18124"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18124"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "date": "2018-10-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "date": "2018-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "date": "2018-10-26T13:29:00.277000",
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-12-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109215"
          },
          {
            "date": "2018-12-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18124"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          },
          {
            "date": "2018-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          },
          {
            "date": "2024-11-21T03:19:23.973000",
            "db": "NVD",
            "id": "CVE-2017-18124"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014326"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1278"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0016

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation. plural Qualcomm Run on product Android Contains input validation vulnerabilities and authorization / privilege / access control vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a privilege escalation vulnerability in tzbsp_ocmem of the Qualcomm closed source component in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to elevate privileges. The following products (for mobile devices and Small Cell SoCs) are affected: Qualcomm FSM9055; MDM9635M; SD 400; SD 800

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0016",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9196",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9196",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-87157",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9196",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9196",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9196",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-957",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87157",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9196",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation. plural Qualcomm Run on product Android Contains input validation vulnerabilities and authorization / privilege / access control vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a privilege escalation vulnerability in tzbsp_ocmem of the Qualcomm closed source component in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to elevate privileges. The following products (for mobile devices and Small Cell SoCs) are affected: Qualcomm FSM9055; MDM9635M; SD 400; SD 800",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9196",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-87157",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "id": "VAR-201804-0016",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:27.422000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component permissions and access control vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80313"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          },
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9196"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9196"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/264.html"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "date": "2018-04-18T14:29:07.730000",
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87157"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9196"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          },
          {
            "date": "2024-11-21T02:40:01.210000",
            "db": "NVD",
            "id": "CVE-2015-9196"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Input validation vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003879"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-957"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0193

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them. plural Qualcomm Run on product Android Contains a data processing vulnerability.Information may be tampered with. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability stems from the fact that the program loads three types of images in the same way without any distinction. A remote attacker could exploit this vulnerability to gain access

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0193",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10429",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10429",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-89204",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10429",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10429",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10429",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-909",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89204",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10429",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them. plural Qualcomm Run on product Android Contains a data processing vulnerability.Information may be tampered with. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability stems from the fact that the program loads three types of images in the same way without any distinction. A remote attacker could exploit this vulnerability to gain access",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10429",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89204",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "id": "VAR-201804-0193",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:22.629000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Qualcomm Snapdragon",
            "trust": 0.8,
            "url": "https://www.qualcomm.co.jp/snapdragon"
          },
          {
            "title": "Qualcomm Small Cells",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/products/small-cells"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80265"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-19",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10429"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10429"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/19.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "date": "2018-04-18T14:29:10.870000",
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89204"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10429"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          },
          {
            "date": "2024-11-21T02:43:59.363000",
            "db": "NVD",
            "id": "CVE-2016-10429"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Data processing vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003596"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-909"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0177

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A remote attacker could exploit this vulnerability to obtain sensitive information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0177",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca4531_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9980_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10438",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10438",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-89214",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10438",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10438",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10438",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-900",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89214",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10438",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A remote attacker could exploit this vulnerability to obtain sensitive information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10438",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89214",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "id": "VAR-201804-0177",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:22Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component information disclosure vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80256"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-362",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10438"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10438"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "date": "2018-04-18T14:29:11.340000",
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89214"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10438"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          },
          {
            "date": "2024-11-21T02:44:00.623000",
            "db": "NVD",
            "id": "CVE-2016-10438"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Vulnerable to information disclosure",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003604"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-900"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0165

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed source components in Android versions before 2018-04-05. The vulnerability is caused by the 'QURTK_write()' function not performing input validation. A remote attacker could exploit this vulnerability to execute arbitrary code on the system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0165",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9224",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9224",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-87185",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9224",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9224",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9224",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-931",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87185",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9224",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed source components in Android versions before 2018-04-05. The vulnerability is caused by the \u0027QURTK_write()\u0027 function not performing input validation. A remote attacker could exploit this vulnerability to execute arbitrary code on the system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9224",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-87185",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "id": "VAR-201804-0165",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:21.446000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80287"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9224"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9224"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "date": "2018-04-18T14:29:09.480000",
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87185"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9224"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          },
          {
            "date": "2024-11-21T02:40:05.523000",
            "db": "NVD",
            "id": "CVE-2015-9224"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003640"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-931"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0124

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature. plural Qualcomm Run on product Android Contains an access control vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is an access control error vulnerability in the online memory dump function of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability by sending a specially crafted request to access unauthorized memory

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0124",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9140",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9140",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-87101",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9140",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9140",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9140",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1010",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87101",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9140",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature. plural Qualcomm Run on product Android Contains an access control vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is an access control error vulnerability in the online memory dump function of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability by sending a specially crafted request to access unauthorized memory",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9140",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-87101",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "id": "VAR-201804-0124",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:21.149000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80366"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9140"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9140"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/284.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "date": "2018-04-18T14:29:04.590000",
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87101"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9140"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          },
          {
            "date": "2024-11-21T02:39:53.350000",
            "db": "NVD",
            "id": "CVE-2015-9140"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003831"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1010"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0116

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper. plural Qualcomm Run on product Android Is NULL A vulnerability related to pointer dereference exists.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability is caused by the program backreferencing untrusted pointers. A remote attacker can exploit this vulnerability to read arbitrary memory (null pointer backreference). The following products (for mobile devices and Small Cell SoCs) are affected: Qualcomm FSM9055; SD 210; SD 212; SD 205; SD 400; SD 410/12; SD 615/16; SD 415; SD 800; SD 810

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0116",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9132",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9132",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-87093",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9132",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9132",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9132",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1018",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87093",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9132",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper. plural Qualcomm Run on product Android Is NULL A vulnerability related to pointer dereference exists.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability is caused by the program backreferencing untrusted pointers. A remote attacker can exploit this vulnerability to read arbitrary memory (null pointer backreference). The following products (for mobile devices and Small Cell SoCs) are affected: Qualcomm FSM9055; SD 210; SD 212; SD 205; SD 400; SD 410/12; SD 615/16; SD 415; SD 800; SD 810",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9132",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-87093",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "id": "VAR-201804-0116",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:18.377000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80374"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9132"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9132"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/476.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "date": "2018-04-18T14:29:04.137000",
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87093"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9132"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          },
          {
            "date": "2024-11-21T02:39:52.200000",
            "db": "NVD",
            "id": "CVE-2015-9132"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android In  NULL Pointer dereference vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003826"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1018"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0337

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability is caused by programs not clearing reserved memory in the TZ subsystem (like TZ application and PIL image subsystem) after using it. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0337",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-10052",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-10052",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-68593",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2014-10052",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-10052",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-10052",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1062",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-68593",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2014-10052",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The vulnerability is caused by programs not clearing reserved memory in the TZ subsystem (like TZ application and PIL image subsystem) after using it. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-10052",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-68593",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "id": "VAR-201804-0337",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:18.158000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81358"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-10052"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-10052"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "date": "2018-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "date": "2018-04-18T14:29:00.807000",
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68593"
          },
          {
            "date": "2018-05-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-10052"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          },
          {
            "date": "2024-11-21T02:03:24.807000",
            "db": "NVD",
            "id": "CVE-2014-10052"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003925"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1062"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0176

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, while logging debug statements or ftrace events from rmnet_data, the socket buffer function uses normal format specifiers which may result in information exposure. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A remote attacker could exploit this vulnerability to obtain sensitive information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0176",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10437",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10437",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-89213",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10437",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10437",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10437",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-901",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89213",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10437",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, while logging debug statements or ftrace events from rmnet_data, the socket buffer function uses normal format specifiers which may result in information exposure. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A remote attacker could exploit this vulnerability to obtain sensitive information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10437",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89213",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "id": "VAR-201804-0176",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:18.116000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component information disclosure vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80257"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10437"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10437"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "date": "2018-04-18T14:29:11.293000",
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89213"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10437"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          },
          {
            "date": "2024-11-21T02:44:00.447000",
            "db": "NVD",
            "id": "CVE-2016-10437"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Vulnerable to information disclosure",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003603"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-901"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0234

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access. plural Qualcomm Run on product Android Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is an access control error vulnerability in the system calls of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to gain unauthorized access to the system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0234",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10422",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10422",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-89197",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10422",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10422",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10422",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-916",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89197",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10422",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access. plural Qualcomm Run on product Android Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is an access control error vulnerability in the system calls of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to gain unauthorized access to the system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10422",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-89197",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "id": "VAR-201804-0234",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:17.485000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Qualcomm Snapdragon",
            "trust": 0.8,
            "url": "https://www.qualcomm.co.jp/snapdragon"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80272"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10422"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10422"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/284.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "date": "2018-04-18T14:29:10.527000",
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89197"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10422"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          },
          {
            "date": "2024-11-21T02:43:58.440000",
            "db": "NVD",
            "id": "CVE-2016-10422"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003616"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-916"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0220

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in the thermal service of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to gain root privileges by sending a specially crafted request

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0220",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10450",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10450",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-89228",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10450",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10450",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10450",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-888",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89228",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10450",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in the thermal service of Qualcomm closed-source components in Android versions before 2018-04-05. A remote attacker could exploit this vulnerability to gain root privileges by sending a specially crafted request",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10450",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89228",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "id": "VAR-201804-0220",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:11.629000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 04 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80244"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10450"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10450"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "date": "2018-04-18T14:29:12.010000",
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89228"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10450"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          },
          {
            "date": "2018-05-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          },
          {
            "date": "2024-11-21T02:44:02.300000",
            "db": "NVD",
            "id": "CVE-2016-10450"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003581"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-888"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0151

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 835, improper input validation can occur while parsing an image. plural Qualcomm Run on product Android Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An input validation vulnerability exists in Qualcomm closed-source components in versions prior to Android 2018-04-05. A remote attacker could exploit this vulnerability to gain access

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0151",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10501",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10501",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-89284",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10501",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10501",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10501",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-710",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89284",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10501",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 835, improper input validation can occur while parsing an image. plural Qualcomm Run on product Android Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An input validation vulnerability exists in Qualcomm closed-source components in versions prior to Android 2018-04-05. A remote attacker could exploit this vulnerability to gain access",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10501",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-89284",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "id": "VAR-201804-0151",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:10.957000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.qualcomm.co.jp/"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10501"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10501"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "date": "2017-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "date": "2018-04-18T14:29:14.230000",
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89284"
          },
          {
            "date": "2018-04-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10501"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          },
          {
            "date": "2024-11-21T02:44:08.903000",
            "db": "NVD",
            "id": "CVE-2016-10501"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Input validation vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003544"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-710"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0146

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function. plural Qualcomm Run on product Android Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An integer overflow vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability by sending a specially crafted request to cause a buffer overflow and execute arbitrary code on the system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0146",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10412",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10412",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-89186",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10412",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10412",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10412",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-925",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89186",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10412",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function. plural Qualcomm Run on product Android Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An integer overflow vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability by sending a specially crafted request to cause a buffer overflow and execute arbitrary code on the system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10412",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89186",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "id": "VAR-201804-0146",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:10.825000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 04 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixing measures for closed source component digital error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80281"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10412"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10412"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/190.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "date": "2018-04-18T14:29:09.997000",
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89186"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10412"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          },
          {
            "date": "2024-11-21T02:43:57.133000",
            "db": "NVD",
            "id": "CVE-2016-10412"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003608"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-925"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0200

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, improper input validation infuse read request leads to memory corruption. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A security vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to cause memory corruption

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0200",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca4531_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9980_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10436",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10436",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-89212",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10436",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10436",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10436",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-902",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89212",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10436",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, improper input validation infuse read request leads to memory corruption. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A security vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to cause memory corruption",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10436",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89212",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "id": "VAR-201804-0200",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:10.311000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80258"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10436"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10436"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "date": "2018-04-18T14:29:11.247000",
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89212"
          },
          {
            "date": "2018-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10436"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          },
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          },
          {
            "date": "2024-11-21T02:44:00.293000",
            "db": "NVD",
            "id": "CVE-2016-10436"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003593"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-902"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0122

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigned_bin is invoked to convert the input buffer to unsigned binary. The ce_util_to_unsigned_bin function, instead of operating on the size of the unsigned character buffer that is passed, operates on the address - i.e. operates on "c" instead of "*c". Decrementing the address to check if it is less than zero means that the operation will always pass, since a pointer will never be less than zero, and may result in a buffer overflow. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0122",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9138",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9138",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-87099",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9138",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9138",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9138",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1012",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87099",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9138",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigned_bin is invoked to convert the input buffer to unsigned binary. The ce_util_to_unsigned_bin function, instead of operating on the size of the unsigned character buffer that is passed, operates on the address - i.e. operates on \"c\" instead of \"*c\". Decrementing the address to check if it is less than zero means that the operation will always pass, since a pointer will never be less than zero, and may result in a buffer overflow. plural Qualcomm Run on product Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions prior to 2018-04-05. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9138",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-87099",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "id": "VAR-201804-0122",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:10.014000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Fixes for closed source component buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80368"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9138"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9138"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "date": "2018-04-18T14:29:04.480000",
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87099"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9138"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          },
          {
            "date": "2018-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          },
          {
            "date": "2024-11-21T02:39:53.070000",
            "db": "NVD",
            "id": "CVE-2015-9138"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003829"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1012"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201804-0129

    Vulnerability from variot - Updated: 2024-11-23 21:39

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, code to zeroize AES key could be compiled out by compiler which could potentially result in information disclosure. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An attacker could exploit this vulnerability to obtain sensitive information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0129",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 400",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 800",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 808",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "20"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_808_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "103671"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-9123",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-9123",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-87084",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-9123",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9123",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-9123",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1026",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87084",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-9123",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, code to zeroize AES key could be compiled out by compiler which could potentially result in information disclosure. plural Qualcomm Run on product Android Contains an information disclosure vulnerability.Information may be obtained. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An attacker could exploit this vulnerability to obtain sensitive information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9123",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "103671",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-87084",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "id": "VAR-201804-0129",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:39:09.762000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "title": "Android Qualcomm Repair measures for closed source component information disclosure vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80382"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/103671"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9123"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9123"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-04-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "db": "BID",
            "id": "103671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "date": "2018-04-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "date": "2018-04-18T14:29:03.463000",
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87084"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-9123"
          },
          {
            "date": "2018-04-05T00:00:00",
            "db": "BID",
            "id": "103671"
          },
          {
            "date": "2018-06-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          },
          {
            "date": "2018-05-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          },
          {
            "date": "2024-11-21T02:39:50.973000",
            "db": "NVD",
            "id": "CVE-2015-9123"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Run on product  Android Vulnerable to information disclosure",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-003821"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1026"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0050

    Vulnerability from variot - Updated: 2024-11-23 21:00

    In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart. Snapdragon (Automobile , Mobile , Wear) Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Security flaws exist in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0050",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9955",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9955",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9955_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          }
        ]
      },
      "cve": "CVE-2017-18301",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18301",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109410",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18301",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18301",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18301",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-974",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109410",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18301",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart. Snapdragon (Automobile , Mobile , Wear) Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Security flaws exist in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18301",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109410",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "id": "VAR-201809-0050",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:00:54.010000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 8 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components\\"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85087"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.2,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18301"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/476.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "date": "2018-09-20T13:29:00.370000",
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "date": "2024-11-21T03:19:48.573000",
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon In product  NULL Pointer dereference vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201810-0058

    Vulnerability from variot - Updated: 2024-11-23 20:19

    While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An input validation vulnerability exists in several Qualcomm Snapdragon products. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          }
        ]
      },
      "cve": "CVE-2017-18294",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18294",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109402",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18294",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18294",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18294",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1155",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109402",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18294",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An input validation vulnerability exists in several Qualcomm Snapdragon products. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18294",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109402",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          }
        ]
      },
      "id": "VAR-201810-0058",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T20:19:29.168000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Fixes for product input validation vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86253"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18294"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18294"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/125.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109402",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18294",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18294",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109402",
            "ident": null
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18294",
            "ident": null
          },
          {
            "date": "2019-01-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014302",
            "ident": null
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1155",
            "ident": null
          },
          {
            "date": "2018-10-23T13:29:01.400000",
            "db": "NVD",
            "id": "CVE-2017-18294",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109402",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18294",
            "ident": null
          },
          {
            "date": "2019-01-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014302",
            "ident": null
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1155",
            "ident": null
          },
          {
            "date": "2024-11-21T03:19:47.590000",
            "db": "NVD",
            "id": "CVE-2017-18294",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural  Snapdragon Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014302"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1155"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201810-0039

    Vulnerability from variot - Updated: 2024-11-23 20:14

    Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9640 is a central processing unit (CPU) product of Qualcomm (Qualcomm). A buffer error vulnerability exists in Power in several Qualcomm products, which is caused by the program not fully allocating memory. An attacker could exploit this vulnerability to crash the application

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qaulcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          }
        ]
      },
      "cve": "CVE-2017-18304",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18304",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109413",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18304",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18304",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18304",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1163",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109413",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18304",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9640 is a central processing unit (CPU) product of Qualcomm (Qualcomm). A buffer error vulnerability exists in Power in several Qualcomm products, which is caused by the program not fully allocating memory. An attacker could exploit this vulnerability to crash the application",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18304",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109413",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          }
        ]
      },
      "id": "VAR-201810-0039",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T20:14:00.814000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon product Power Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86261"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.2,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18304"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18304"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/125.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109413",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18304",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18304",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109413",
            "ident": null
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18304",
            "ident": null
          },
          {
            "date": "2019-01-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014313",
            "ident": null
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1163",
            "ident": null
          },
          {
            "date": "2018-10-23T13:29:02.430000",
            "db": "NVD",
            "id": "CVE-2017-18304",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109413",
            "ident": null
          },
          {
            "date": "2018-12-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18304",
            "ident": null
          },
          {
            "date": "2019-01-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014313",
            "ident": null
          },
          {
            "date": "2020-07-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1163",
            "ident": null
          },
          {
            "date": "2024-11-21T03:19:49.023000",
            "db": "NVD",
            "id": "CVE-2017-18304",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural  Snapdragon Product out-of-bounds vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014313"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1163"
          }
        ],
        "trust": 0.6
      }
    }