Search

Find a vulnerability

Search criteria

    428 vulnerabilities found for sd_810_firmware by qualcomm

    CVE-2018-5852 (GCVE-0-2018-5852)

    Vulnerability from nvd – Published: 2024-11-26 13:56 – Updated: 2024-11-26 15:00
    VLAI
    Title
    Buffer Over-read in IPA
    Summary
    An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    qualcomm mdm9206_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9607_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9640_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9650_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm msm8909w_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_425_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_430_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_450_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_617_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_625_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_810_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820a_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_835_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_845_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9206_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9607_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9640_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9650_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "msm8909w_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_425_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_430_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_450_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_617_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_625_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_810_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820a_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_845_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-5852",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:52:25.968053Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T15:00:48.248Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command \u0027cat /sys/kernel/debug/ipa/ip4_nat\u0027"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T13:56:25.527Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Buffer Over-read in IPA"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5852",
        "datePublished": "2024-11-26T13:56:25.527Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-11-26T15:00:48.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11952 (GCVE-0-2018-11952)

    Vulnerability from nvd – Published: 2024-11-26 08:55 – Updated: 2024-11-26 14:09
    VLAI
    Title
    Improper Authentication in TrustZone
    Summary
    An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-11952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:02:10.500974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T14:09:22.979Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Wired Infrastructure and Networking"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An image with a version lower than the fuse version may potentially be booted lead to improper authentication."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:55:24.910Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Improper Authentication in TrustZone"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11952",
        "datePublished": "2024-11-26T08:55:24.910Z",
        "dateReserved": "2018-06-07T00:00:00.000Z",
        "dateUpdated": "2024-11-26T14:09:22.979Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-11076 (GCVE-0-2017-11076)

    Vulnerability from nvd – Published: 2024-11-26 08:55 – Updated: 2024-11-26 14:09
    VLAI
    Title
    Use of Out-of-range Pointer Offset in Video
    Summary
    On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-823 - Use of Out-of-range Pointer Offset
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MSM8909W
    Affected: MSM8996AU
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 625
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Affected: SDM429
    Affected: SDM439
    Affected: SDM630
    Affected: SDM632
    Affected: SDM636
    Affected: SDM660
    Affected: SDM710
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-11076",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:02:40.745497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T14:09:23.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "MSM8996AU"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                },
                {
                  "status": "affected",
                  "version": "SDM429"
                },
                {
                  "status": "affected",
                  "version": "SDM439"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM632"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "SDM710"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-823",
                  "description": "CWE-823 Use of Out-of-range Pointer Offset",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:55:15.692Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Use of Out-of-range Pointer Offset in Video"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-11076",
        "datePublished": "2024-11-26T08:55:15.692Z",
        "dateReserved": "2017-07-07T00:00:00.000Z",
        "dateUpdated": "2024-11-26T14:09:23.728Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-9711 (GCVE-0-2017-9711)

    Vulnerability from nvd – Published: 2024-11-22 09:09 – Updated: 2024-11-22 11:40
    VLAI
    Title
    Permissions, Privileges, and Access Controls in Data
    Summary
    Certain unprivileged processes are able to perform IOCTL calls.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    qualcomm mdm9206_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9607_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9640_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9650_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm msm8909w_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_425_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_430_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_450_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_617_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_625_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_810_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820a_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_835_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_845_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9206_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9607_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9640_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9650_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "msm8909w_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_425_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_430_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_450_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_617_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_625_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_810_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820a_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_845_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-9711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T11:39:56.991803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T11:40:06.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Certain unprivileged processes are able to perform IOCTL calls."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T09:09:10.630Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Permissions, Privileges, and Access Controls in Data"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-9711",
        "datePublished": "2024-11-22T09:09:10.630Z",
        "dateReserved": "2017-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-22T11:40:06.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18279 (GCVE-0-2017-18279)

    Vulnerability from nvd – Published: 2019-05-06 22:58 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • CWE680: Integer Overflow to Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm Technologies, Inc. Small Cell SoC, Snapdragon Mobile, Snapdragon Wear Affected: FSM9055
    Affected: FSM9955
    Affected: IPQ4019
    Affected: IPQ8064
    Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: MSM8996AU
    Affected: QCA9531
    Affected: QCA9558
    Affected: QCA9563
    Affected: QCA9880
    Affected: QCA9886
    Affected: QCA9980
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 800
    Affected: SD 810
    Affected: SD 820
    Affected: SD 835
    Affected: SDM630
    Affected: SDM636
    Affected: SDM660
    Affected: SDX20
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:49.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm Technologies, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "FSM9055"
                },
                {
                  "status": "affected",
                  "version": "FSM9955"
                },
                {
                  "status": "affected",
                  "version": "IPQ4019"
                },
                {
                  "status": "affected",
                  "version": "IPQ8064"
                },
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "MSM8996AU"
                },
                {
                  "status": "affected",
                  "version": "QCA9531"
                },
                {
                  "status": "affected",
                  "version": "QCA9558"
                },
                {
                  "status": "affected",
                  "version": "QCA9563"
                },
                {
                  "status": "affected",
                  "version": "QCA9880"
                },
                {
                  "status": "affected",
                  "version": "QCA9886"
                },
                {
                  "status": "affected",
                  "version": "QCA9980"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 800"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "SDX20"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE680: Integer Overflow to Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-06T22:58:17.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18279",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FSM9055"
                              },
                              {
                                "version_value": "FSM9955"
                              },
                              {
                                "version_value": "IPQ4019"
                              },
                              {
                                "version_value": "IPQ8064"
                              },
                              {
                                "version_value": "MDM9206"
                              },
                              {
                                "version_value": "MDM9607"
                              },
                              {
                                "version_value": "MDM9640"
                              },
                              {
                                "version_value": "MDM9650"
                              },
                              {
                                "version_value": "MSM8909W"
                              },
                              {
                                "version_value": "MSM8996AU"
                              },
                              {
                                "version_value": "QCA9531"
                              },
                              {
                                "version_value": "QCA9558"
                              },
                              {
                                "version_value": "QCA9563"
                              },
                              {
                                "version_value": "QCA9880"
                              },
                              {
                                "version_value": "QCA9886"
                              },
                              {
                                "version_value": "QCA9980"
                              },
                              {
                                "version_value": "SD 210/SD 212/SD 205"
                              },
                              {
                                "version_value": "SD 425"
                              },
                              {
                                "version_value": "SD 427"
                              },
                              {
                                "version_value": "SD 430"
                              },
                              {
                                "version_value": "SD 435"
                              },
                              {
                                "version_value": "SD 450"
                              },
                              {
                                "version_value": "SD 615/16/SD 415"
                              },
                              {
                                "version_value": "SD 625"
                              },
                              {
                                "version_value": "SD 650/52"
                              },
                              {
                                "version_value": "SD 800"
                              },
                              {
                                "version_value": "SD 810"
                              },
                              {
                                "version_value": "SD 820"
                              },
                              {
                                "version_value": "SD 835"
                              },
                              {
                                "version_value": "SDM630"
                              },
                              {
                                "version_value": "SDM636"
                              },
                              {
                                "version_value": "SDM660"
                              },
                              {
                                "version_value": "SDX20"
                              },
                              {
                                "version_value": "Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm Technologies, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE680: Integer Overflow to Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "MISC",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18279",
        "datePublished": "2019-05-06T22:58:17.000Z",
        "dateReserved": "2018-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:49.301Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18173 (GCVE-0-2017-18173)

    Vulnerability from nvd – Published: 2019-05-06 22:34 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • CWE190: Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm Technologies, Inc. Snapdragon Mobile Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 625
    Affected: SD 810
    Affected: SD 820
    Affected: SD 835
    Affected: SDM630
    Affected: SDM636
    Affected: SDM660
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:48.916Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm Technologies, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE190: Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-06T22:34:44.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18173",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 425"
                              },
                              {
                                "version_value": "SD 427"
                              },
                              {
                                "version_value": "SD 430"
                              },
                              {
                                "version_value": "SD 435"
                              },
                              {
                                "version_value": "SD 450"
                              },
                              {
                                "version_value": "SD 625"
                              },
                              {
                                "version_value": "SD 810"
                              },
                              {
                                "version_value": "SD 820"
                              },
                              {
                                "version_value": "SD 835"
                              },
                              {
                                "version_value": "SDM630"
                              },
                              {
                                "version_value": "SDM636"
                              },
                              {
                                "version_value": "SDM660"
                              },
                              {
                                "version_value": "Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm Technologies, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE190: Integer Overflow or Wraparound"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "MISC",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18173",
        "datePublished": "2019-05-06T22:34:44.000Z",
        "dateReserved": "2018-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:48.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5869 (GCVE-0-2018-5869)

    Vulnerability from nvd – Published: 2019-01-18 22:00 – Updated: 2024-08-05 05:47
    VLAI
    Summary
    Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile,Snapdragon Wear Affected: MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:47:55.922Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile,Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-5869",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile,Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5869",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:47:55.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11279 (GCVE-0-2018-11279)

    Vulnerability from nvd – Published: 2019-01-18 22:00 – Updated: 2024-08-05 08:01
    VLAI
    Summary
    Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Modem
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:01:52.816Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Modem",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-11279",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Modem"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11279",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2018-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:01:52.816Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8276 (GCVE-0-2017-8276)

    Vulnerability from nvd – Published: 2019-01-18 22:00 – Updated: 2024-08-05 16:34
    VLAI
    Summary
    Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:34:21.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-8276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-8276",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:34:21.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18330 (GCVE-0-2017-18330)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Crypto
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.284Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Crypto",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18330",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Crypto"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18330",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.284Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18329 (GCVE-0-2017-18329)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Modem Data
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:49.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Modem Data",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18329",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Modem Data"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18329",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:49.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18326 (GCVE-0-2017-18326)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in Modem
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:49.895Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in Modem",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18326",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in Modem"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18326",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:49.895Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18324 (GCVE-0-2017-18324)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in GERAN
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.552Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in GERAN",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18324",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in GERAN"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18324",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18322 (GCVE-0-2017-18322)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in WCDMA
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.234Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in WCDMA",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18322",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in WCDMA"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18322",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18320 (GCVE-0-2017-18320)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130.
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in TZ
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile Affected: MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.721Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in TZ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18320",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in TZ"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18320",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.721Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18319 (GCVE-0-2017-18319)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Key Management Errors in Modem
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.528Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Key Management Errors in Modem",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18319",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Key Management Errors in Modem"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18319",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18141 (GCVE-0-2017-18141)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:48.732Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18141",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18141",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:48.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-11004 (GCVE-0-2017-11004)

    Vulnerability from nvd – Published: 2019-01-03 15:00 – Updated: 2024-08-05 17:57
    VLAI
    Summary
    A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in Core
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T17:57:56.805Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in Core",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-11004",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in Core"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-11004",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2017-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-05T17:57:56.805Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5852 (GCVE-0-2018-5852)

    Vulnerability from cvelistv5 – Published: 2024-11-26 13:56 – Updated: 2024-11-26 15:00
    VLAI
    Title
    Buffer Over-read in IPA
    Summary
    An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    qualcomm mdm9206_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9607_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9640_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9650_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm msm8909w_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_425_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_430_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_450_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_617_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_625_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_810_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820a_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_835_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_845_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9206_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9607_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9640_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9650_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "msm8909w_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_425_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_430_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_450_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_617_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_625_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_810_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820a_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_845_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-5852",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:52:25.968053Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T15:00:48.248Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command \u0027cat /sys/kernel/debug/ipa/ip4_nat\u0027"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T13:56:25.527Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Buffer Over-read in IPA"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5852",
        "datePublished": "2024-11-26T13:56:25.527Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-11-26T15:00:48.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11952 (GCVE-0-2018-11952)

    Vulnerability from cvelistv5 – Published: 2024-11-26 08:55 – Updated: 2024-11-26 14:09
    VLAI
    Title
    Improper Authentication in TrustZone
    Summary
    An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-11952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:02:10.500974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T14:09:22.979Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Wired Infrastructure and Networking"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An image with a version lower than the fuse version may potentially be booted lead to improper authentication."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:55:24.910Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Improper Authentication in TrustZone"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11952",
        "datePublished": "2024-11-26T08:55:24.910Z",
        "dateReserved": "2018-06-07T00:00:00.000Z",
        "dateUpdated": "2024-11-26T14:09:22.979Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-11076 (GCVE-0-2017-11076)

    Vulnerability from cvelistv5 – Published: 2024-11-26 08:55 – Updated: 2024-11-26 14:09
    VLAI
    Title
    Use of Out-of-range Pointer Offset in Video
    Summary
    On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-823 - Use of Out-of-range Pointer Offset
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MSM8909W
    Affected: MSM8996AU
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 625
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Affected: SDM429
    Affected: SDM439
    Affected: SDM630
    Affected: SDM632
    Affected: SDM636
    Affected: SDM660
    Affected: SDM710
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-11076",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T14:02:40.745497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-26T14:09:23.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "MSM8996AU"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                },
                {
                  "status": "affected",
                  "version": "SDM429"
                },
                {
                  "status": "affected",
                  "version": "SDM439"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM632"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "SDM710"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-823",
                  "description": "CWE-823 Use of Out-of-range Pointer Offset",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-26T08:55:15.692Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Use of Out-of-range Pointer Offset in Video"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-11076",
        "datePublished": "2024-11-26T08:55:15.692Z",
        "dateReserved": "2017-07-07T00:00:00.000Z",
        "dateUpdated": "2024-11-26T14:09:23.728Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-9711 (GCVE-0-2017-9711)

    Vulnerability from cvelistv5 – Published: 2024-11-22 09:09 – Updated: 2024-11-22 11:40
    VLAI
    Title
    Permissions, Privileges, and Access Controls in Data
    Summary
    Certain unprivileged processes are able to perform IOCTL calls.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 430
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 617
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 810
    Affected: SD 820
    Affected: SD 820A
    Affected: SD 835
    Affected: SD 845
    Create a notification for this product.
    qualcomm mdm9206_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9607_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9640_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm mdm9650_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm msm8909w_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_425_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_430_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_450_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_617_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_625_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_810_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_820a_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_835_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    qualcomm sd_845_firmware Affected: 0 , ≤ * (custom)
        cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9206_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9607_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9640_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mdm9650_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "msm8909w_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_425_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_430_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_450_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_617_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_625_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_810_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_820a_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_835_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sd_845_firmware",
                "vendor": "qualcomm",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-9711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T11:39:56.991803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T11:40:06.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Automobile",
                "Snapdragon Mobile",
                "Snapdragon Wear"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 617"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 820A"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SD 845"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Certain unprivileged processes are able to perform IOCTL calls."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T09:09:10.630Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html"
            }
          ],
          "title": "Permissions, Privileges, and Access Controls in Data"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-9711",
        "datePublished": "2024-11-22T09:09:10.630Z",
        "dateReserved": "2017-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-22T11:40:06.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18279 (GCVE-0-2017-18279)

    Vulnerability from cvelistv5 – Published: 2019-05-06 22:58 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • CWE680: Integer Overflow to Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm Technologies, Inc. Small Cell SoC, Snapdragon Mobile, Snapdragon Wear Affected: FSM9055
    Affected: FSM9955
    Affected: IPQ4019
    Affected: IPQ8064
    Affected: MDM9206
    Affected: MDM9607
    Affected: MDM9640
    Affected: MDM9650
    Affected: MSM8909W
    Affected: MSM8996AU
    Affected: QCA9531
    Affected: QCA9558
    Affected: QCA9563
    Affected: QCA9880
    Affected: QCA9886
    Affected: QCA9980
    Affected: SD 210/SD 212/SD 205
    Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 615/16/SD 415
    Affected: SD 625
    Affected: SD 650/52
    Affected: SD 800
    Affected: SD 810
    Affected: SD 820
    Affected: SD 835
    Affected: SDM630
    Affected: SDM636
    Affected: SDM660
    Affected: SDX20
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:49.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm Technologies, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "FSM9055"
                },
                {
                  "status": "affected",
                  "version": "FSM9955"
                },
                {
                  "status": "affected",
                  "version": "IPQ4019"
                },
                {
                  "status": "affected",
                  "version": "IPQ8064"
                },
                {
                  "status": "affected",
                  "version": "MDM9206"
                },
                {
                  "status": "affected",
                  "version": "MDM9607"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "MDM9650"
                },
                {
                  "status": "affected",
                  "version": "MSM8909W"
                },
                {
                  "status": "affected",
                  "version": "MSM8996AU"
                },
                {
                  "status": "affected",
                  "version": "QCA9531"
                },
                {
                  "status": "affected",
                  "version": "QCA9558"
                },
                {
                  "status": "affected",
                  "version": "QCA9563"
                },
                {
                  "status": "affected",
                  "version": "QCA9880"
                },
                {
                  "status": "affected",
                  "version": "QCA9886"
                },
                {
                  "status": "affected",
                  "version": "QCA9980"
                },
                {
                  "status": "affected",
                  "version": "SD 210/SD 212/SD 205"
                },
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 615/16/SD 415"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 650/52"
                },
                {
                  "status": "affected",
                  "version": "SD 800"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "SDX20"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE680: Integer Overflow to Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-06T22:58:17.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18279",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FSM9055"
                              },
                              {
                                "version_value": "FSM9955"
                              },
                              {
                                "version_value": "IPQ4019"
                              },
                              {
                                "version_value": "IPQ8064"
                              },
                              {
                                "version_value": "MDM9206"
                              },
                              {
                                "version_value": "MDM9607"
                              },
                              {
                                "version_value": "MDM9640"
                              },
                              {
                                "version_value": "MDM9650"
                              },
                              {
                                "version_value": "MSM8909W"
                              },
                              {
                                "version_value": "MSM8996AU"
                              },
                              {
                                "version_value": "QCA9531"
                              },
                              {
                                "version_value": "QCA9558"
                              },
                              {
                                "version_value": "QCA9563"
                              },
                              {
                                "version_value": "QCA9880"
                              },
                              {
                                "version_value": "QCA9886"
                              },
                              {
                                "version_value": "QCA9980"
                              },
                              {
                                "version_value": "SD 210/SD 212/SD 205"
                              },
                              {
                                "version_value": "SD 425"
                              },
                              {
                                "version_value": "SD 427"
                              },
                              {
                                "version_value": "SD 430"
                              },
                              {
                                "version_value": "SD 435"
                              },
                              {
                                "version_value": "SD 450"
                              },
                              {
                                "version_value": "SD 615/16/SD 415"
                              },
                              {
                                "version_value": "SD 625"
                              },
                              {
                                "version_value": "SD 650/52"
                              },
                              {
                                "version_value": "SD 800"
                              },
                              {
                                "version_value": "SD 810"
                              },
                              {
                                "version_value": "SD 820"
                              },
                              {
                                "version_value": "SD 835"
                              },
                              {
                                "version_value": "SDM630"
                              },
                              {
                                "version_value": "SDM636"
                              },
                              {
                                "version_value": "SDM660"
                              },
                              {
                                "version_value": "SDX20"
                              },
                              {
                                "version_value": "Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm Technologies, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE680: Integer Overflow to Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "MISC",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18279",
        "datePublished": "2019-05-06T22:58:17.000Z",
        "dateReserved": "2018-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:49.301Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18173 (GCVE-0-2017-18173)

    Vulnerability from cvelistv5 – Published: 2019-05-06 22:34 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • CWE190: Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm Technologies, Inc. Snapdragon Mobile Affected: SD 425
    Affected: SD 427
    Affected: SD 430
    Affected: SD 435
    Affected: SD 450
    Affected: SD 625
    Affected: SD 810
    Affected: SD 820
    Affected: SD 835
    Affected: SDM630
    Affected: SDM636
    Affected: SDM660
    Affected: Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:48.916Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile",
              "vendor": "Qualcomm Technologies, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "SD 425"
                },
                {
                  "status": "affected",
                  "version": "SD 427"
                },
                {
                  "status": "affected",
                  "version": "SD 430"
                },
                {
                  "status": "affected",
                  "version": "SD 435"
                },
                {
                  "status": "affected",
                  "version": "SD 450"
                },
                {
                  "status": "affected",
                  "version": "SD 625"
                },
                {
                  "status": "affected",
                  "version": "SD 810"
                },
                {
                  "status": "affected",
                  "version": "SD 820"
                },
                {
                  "status": "affected",
                  "version": "SD 835"
                },
                {
                  "status": "affected",
                  "version": "SDM630"
                },
                {
                  "status": "affected",
                  "version": "SDM636"
                },
                {
                  "status": "affected",
                  "version": "SDM660"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE190: Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-06T22:34:44.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18173",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SD 425"
                              },
                              {
                                "version_value": "SD 427"
                              },
                              {
                                "version_value": "SD 430"
                              },
                              {
                                "version_value": "SD 435"
                              },
                              {
                                "version_value": "SD 450"
                              },
                              {
                                "version_value": "SD 625"
                              },
                              {
                                "version_value": "SD 810"
                              },
                              {
                                "version_value": "SD 820"
                              },
                              {
                                "version_value": "SD 835"
                              },
                              {
                                "version_value": "SDM630"
                              },
                              {
                                "version_value": "SDM636"
                              },
                              {
                                "version_value": "SDM660"
                              },
                              {
                                "version_value": "Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm Technologies, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE190: Integer Overflow or Wraparound"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "MISC",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18173",
        "datePublished": "2019-05-06T22:34:44.000Z",
        "dateReserved": "2018-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:48.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5869 (GCVE-0-2018-5869)

    Vulnerability from cvelistv5 – Published: 2019-01-18 22:00 – Updated: 2024-08-05 05:47
    VLAI
    Summary
    Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile,Snapdragon Wear Affected: MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:47:55.922Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile,Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-5869",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile,Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-5869",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2018-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:47:55.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11279 (GCVE-0-2018-11279)

    Vulnerability from cvelistv5 – Published: 2019-01-18 22:00 – Updated: 2024-08-05 08:01
    VLAI
    Summary
    Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Modem
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:01:52.816Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Modem",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2018-11279",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Modem"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2018-11279",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2018-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:01:52.816Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8276 (GCVE-0-2017-8276)

    Vulnerability from cvelistv5 – Published: 2019-01-18 22:00 – Updated: 2024-08-05 16:34
    VLAI
    Summary
    Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:34:21.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-8276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-8276",
        "datePublished": "2019-01-18T22:00:00.000Z",
        "dateReserved": "2017-04-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:34:21.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18141 (GCVE-0-2017-18141)

    Vulnerability from cvelistv5 – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:13
    VLAI
    Summary
    When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control in TrustZone
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Affected: IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:13:48.732Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control in TrustZone",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18141",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control in TrustZone"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18141",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:13:48.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18322 (GCVE-0-2017-18322)

    Vulnerability from cvelistv5 – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in WCDMA
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.234Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in WCDMA",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18322",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in WCDMA"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18322",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-18319 (GCVE-0-2017-18319)

    Vulnerability from cvelistv5 – Published: 2019-01-03 15:00 – Updated: 2024-08-05 21:20
    VLAI
    Summary
    Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.
    Severity
    No CVSS data available.
    CWE
    • Key Management Errors in Modem
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Wear Affected: MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016
    Create a notification for this product.
    Date Public
    2019-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:20:50.528Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins"
              },
              {
                "name": "106128",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Wear",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                }
              ]
            }
          ],
          "datePublic": "2019-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Key Management Errors in Modem",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-04T10:57:01.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106128",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2017-18319",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Wear",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Key Management Errors in Modem"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins"
                },
                {
                  "name": "106128",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2017-18319",
        "datePublished": "2019-01-03T15:00:00.000Z",
        "dateReserved": "2018-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:20:50.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }