Back to all manufacturers

Qualcomm

Qualcomm is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Qualcomm Integer oveflow diagnostics

(json)

• CVE numbers: CVE-2012-4220 [CVE-2012-4220], CVE-2012-4221 [CVE-2012-4221], CVE-2012-4222 [CVE-2012-4222]
• Coordinated disclosure?: true
• Categories: kernel
• Details: QCIR-2012-00001-1: Multiple security vulnerabilities have been discovered in the handling of the diagchar_ioctl() and kgsl_ioctl() system call parameters for the diagnostics (DIAG) and KGSL graphics kernel drivers for Android. [QCIR-2012-00001-1][archived]
• Discovered by: giantpune@gmail.com [QCIR-2012-00001-1][archived] on: 2012-04-30 [giantpune-email0]
• Reported on: 2012-11-15 [QCIR-2012-00001-1][archived]
• Fixed on: 2012-11-16 [QCIR-2012-00001-1][archived]
• Fix released on: Unknown
• Affected versions: 2.3 -- 4.2 released from CAF [QCIR-2012-00001-1][archived] regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2012-00001-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-09-02; by: giantpune, on: 2014-10-17

Qualcomm missing checks put_user get_user

(json)

• CVE numbers: CVE-2013-6282 [QCIR-2013-00010-1][archived]
• Coordinated disclosure?: false
• Categories: kernel
• Details: Missing access checks in put_user/get_user kernel API (CVE-2013-6282 QCIR-2013-00010-1): The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This functionality was originally implemented and controlled by the domain switching feature (CONFIG_CPU_USE_DOMAINS), which has been deprecated due to architectural changes. As a result, any kernel code using these API functions may introduce a security issue where none existed before. This allows an application to read and write kernel memory to, e.g., escalated privileges. [QCIR-2013-00010-1][archived]
• Discovered by: Unknown, used in vroot exploit [QCIR-2013-00010-1][archived] on: 2013-09-06 [xda-developers-vroot]
• Reported on: 2013-09-06 [xda-developers-vroot]
• Fixed on: 2012-09-07 [msm-check_user_pointer-patch], 2013-07-15 [msm-check_user_pointer-patch]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2013-00010-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-20

Qualcomm Gandalf camera driver

(json)

• CVE numbers: CVE-2013-2595 [QCIR-2013-00001-1][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: The camera driver provides several interfaces to user space clients. The user space clients communicate to the kernel via syscalls such as ioctl or mmap. The camera driver provides an uncontrolled mmap interface that allows an application with access to the device file to map physical memory exceeding the camera driver's memory into user space. A locally installed, unprivileged application can use this flaw to escalate privileges. [QCIR-2013-00001-1][archived]
• Discovered by: alephzain alephzain1@gmail.com [QCIR-2013-00001-1][archived] on: 2013-03-15 [CVE-2013-2595]
• Reported on: 2013-05-01 [xda-developers-gandalf]
• Fixed on: 2013-05-01 [QCIR-2013-00001-1][archived]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [citation-needed]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-06

Motochopper

(json)

• CVE numbers: CVE-2013-2596 [citation-needed]
• Coordinated disclosure?: false
• Categories: kernel
• Details: Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9 QCIR-2013-00004-1 [QCIR-2013-00004-1]
• Discovered by: Dan Rosenberg [citation-needed] on: 2013-04-08 [citation-needed]
• Reported on: 2013-04-08 [azimuth-unlock-moto-bootloader#0][azimuth-unlock-moto-bootloader#1]
• Fixed on: 2013-04-19 [fb_mmap-patch]
• Fix released on: 2013-07-17 [xda-developers-motochopper]
• Affected versions: 4.1.2 [citation-needed] regex:
• Affected devices: (Atrix Hd, Razr hd, Razr M, Qualcomm Msm8960) [citation-needed]
• Affected manufacturers: Motorola [citation-needed], Qualcomm [QCIR-2013-00004-1]
• Fixed versions: 4.1.2 build 9.8.1Q-79 [citation-needed]
• Submission: by: Daniel R. Thomas, on: 2013-09-04

Qualcomm acdb audio buffer overflow

(json)

• CVE numbers: CVE-2013-2597 [QCIR-2013-00002-1][archived]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The acdb audio driver provides an ioctl system call interface to user space clients for communication. When processing arguments passed to the ioctl handler, a user space supplied size is used to copy as many bytes from user space to a local stack buffer without proper bounds checking. An application with access to the /dev/msm_acdb device file (audio or system group) can use this flaw to, e.g., elevate privileges. QCIR-2013-00002-1 [QCIR-2013-00002-1][archived]
• Discovered by: @fi01_IS01 [QCIR-2013-00002-1][archived], Xuxian Jiang [QCIR-2013-00002-1][archived] on: 2013-05-08 [twitter-fi01_IS01][archived]
• Reported on: 2013-05-08 [twitter-fi01_IS01][archived]
• Fixed on: 2013-06-21 [QCIR-2013-00002-1][archived]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2013-00002-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-08

Qualcomm Integer overflow camera

(json)

• CVE numbers: CVE-2013-4736 [QCIR-2013-00005-1]
• Coordinated disclosure?: false
• Categories: kernel
• Details: Integer overflow and signedness issue in camera JPEG engines (CVE-2013-4736) QCIR-2013-00005-1: The JPEG engines that are part of the camera driver provide an ioctl system call interface to user space clients for communication. When processing hardware commands ioctl calls, the drivers are incorrectly handling the number of commands included in the user space payload. This can lead to an integer overflow which subsequently results in the driver attempting to process hardware commands from out-of-bounds memory which can cause the kernel to crash. The same code also suffered from incorrectly treating the number of hardware commands as signed. [QCIR-2013-00005-1] Gemini JPEG encoder, Mercury JPEG decoder, and Jpeg1.0 common encoder/decoder contain an unspecified integer overflow condition during the handling of hardware command IOCTL calls that may allow a local attacker to cause a denial of service or potentially execute of arbitrary code. [osvdb-96924]
• Discovered by: alephzain alephzain1@gmail.com [QCIR-2013-00005-1] on: Unknown
• Reported on: 2013-08-29 [QCIR-2013-00005-1]
• Fixed on: 2013-07-31 [jpeg-integer-overflow-patch], 2013-06-28 [overflow-ioctl_hw_cmds-patch], 2013-06-11 [signedness-hw_exec_cmds-patch]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2013-00005-1]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-14

Qualcomm stack buffer overflow camera

(json)

• CVE numbers: CVE-2013-4738 [QCIR-2013-00008-1][archived], CVE-2013-4739 [QCIR-2013-00008-1][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: Stack-based buffer overflow and memory disclosure in camera driver QCIR-2013-00008-1: A stack-based buffer overflow and a kernel memory disclosure vulnerability have been discovered in the system call handlers of the camera driver. [QCIR-2013-00008-1][archived]
• Discovered by: Jonathan Salwan of the Sysdream Security Lab [QCIR-2013-00008-1][archived] on: Unknown
• Reported on: 2013-10-15 [QCIR-2013-00008-1][archived]
• Fixed on: 2013-07-31 [msm-camera-dequeue-patch], 2013-08-09 [msm-bound-check-patch]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [citation-needed]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-20

Qualcomm Goodix driver procfs

(json)

• CVE numbers: CVE-2013-4740 [QCIR-2013-00009-1][archived], CVE-2013-6122 [QCIR-2013-00009-1][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: Multiple memory corruption issues and race condition in Goodix gt915 touchscreen driver procfs handler (CVE-2013-4740 CVE-2013-6122) QCIR-2013-00009-1: Multiple issues have been identified in the Goodix gt915 touchscreen driver for Android. The issues were found in the write handler of the procfs entry created by the driver, which by default is readable and writeable to users without any specific privileges. [QCIR-2013-00009-1][archived]
• Discovered by: Jonathan Salwan of the Sysdream Security Lab [QCIR-2013-00009-1][archived] on: Unknown
• Reported on: 2013-11-07 [QCIR-2013-00009-1][archived]
• Fixed on: 2013-09-23 [msm-goodix-patch][archived]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2013-00009-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2013-11-20

Qualcomm out of bounds camera

(json)

• CVE numbers: CVE-2013-6123 [QCIR-2014-00001-1][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: Out of bounds array access in camera driver (CVE-2013-6123): The camera driver provides an ioctl system call interface to user space clients for communication. When processing this communication, the msm_ioctl_server, msm_server_send_ctrl, and msm_ctrl_cmd_done functions use a user-supplied value as an index to the server_queue array for read and write operations without any boundary checks. A local application with access to the camera device nodes can use this flaw to, e.g., elevate privileges. [QCIR-2014-00001-1][archived]
• Discovered by: alephzain alephzain1@gmail.com [QCIR-2014-00001-1][archived] on: 2013-10-10 [msm-camera-valid-patch]
• Reported on: 2014-01-10 [QCIR-2014-00001-1][archived]
• Fixed on: 2013-12-09 [msm-camera-bounds-patch], 2013-10-10 [msm-camera-valid-patch]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2014-00001-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2014-04-16

Qualcomm chown init scripts

(json)

• CVE numbers: CVE-2013-6124 [QCIR-2014-00002-1][archived]
• Coordinated disclosure?: true
• Categories: permissions
• Details: Insecure owner/permission changes in init shell scripts (CVE-2013-6124): During the device start-up phase, several init shell scripts are executed with root privileges to configure various aspects of the system. During this process, standard toolchain commands such as chown or chmod are used to, e.g., change the owner of the sensor settings file to the system user. As these commands follow symbolic links (symlinks), an attacker with write access to these resources is able to conduct symlink attacks and thus change for example the owner of an arbitrary file to system. This flaw can be used to, e.g., elevate privileges. [QCIR-2014-00002-1][archived]
• Discovered by: Jon Sawyer [QCIR-2014-00002-1][archived] on: 2013-10-15 [CVE-2013-6124]
• Reported on: 2014-02-19 [QCIR-2014-00002-1][archived]
• Fixed on: 2013-11-14 [init-symlink-patch], 2013-10-30 [chown-symlink-patch], 2013-12-14 [chmod-symlink-patch], 2013-12-16 [chmod-args-patch]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [QCIR-2014-00002-1][archived]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2014-04-16

CVE-2014-9902

(json)

• CVE numbers: CVE-2014-9902 [Bulletin-CVE-2014-9902]
• Coordinated disclosure?: unknown
• Categories: Remote code execution vulnerability in Qualcomm Wi-Fi driver
• Details: Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941. [NIST-CVE-2014-9902]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2014-9902]
• Fixed on: 2013-11-07 [QC-CR#553937]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9902]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2014-9863

(json)

• CVE numbers: CVE-2014-9863 [Bulletin-CVE-2014-9863]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm components
• Details: Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470. [NIST-CVE-2014-9863]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2014-9863]
• Fixed on: 2013-12-24 [QC-CR#549470]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9863]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2014-9794

(json)

• CVE numbers: CVE-2014-9794 [Bulletin-CVE-2014-9794]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm components
• Details: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0973. Reason: This candidate is a reservation duplicate of CVE-2014-0973. Notes: All CVE users should reference CVE-2014-0973 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. [NIST-CVE-2014-9794]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2014-9794]
• Fixed on: 2014-04-21 [QC-CR646385]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9794]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2014-9795

(json)

• CVE numbers: CVE-2014-9795 [Bulletin-CVE-2014-9795]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm components
• Details: app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bug CR681957, a related issue to CVE-2014-4325. [NIST-CVE-2014-9795]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2014-9795]
• Fixed on: 2014-06-18 [2]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9795]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

QSEECOM driver

(json)

• CVE numbers: CVE-2014-4322 [qseecom-codeaurora][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: A Linux kernel privilege escalation vulnerability allows arbitrary code to be executed within the kernel [qseecom-blog][archived]
• Discovered by: Gal Beniamini (laginimaineb) [qseecom-blog][archived] on: Unknown
• Reported on: 2014-09-24 [qseecom-blog][archived]
• Fixed on: 2014-12-22 [qseecom-codeaurora][archived]
• Fix released on: 2014-12-27 [qseecom-blog][archived]
• Affected versions: All versions using an unpatched kernel [qseecom-codeaurora][archived] regex:
• Affected devices: All devices using Qualcomm chipsets [qseecom-blog][archived]
• Affected manufacturers: Qualcomm [qseecom-blog][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

CVE-2016-8434

(json)

• CVE numbers: CVE-2016-8434 [Bulletin-CVE-2016-8434]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. References: QC-CR#1081855. [NIST-CVE-2016-8434]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8434]
• Fixed on: 2015-02-27 [QC-CR#1081855]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8434]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0604

(json)

• CVE numbers: CVE-2017-0604 [Bulletin-CVE-2017-0604]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm power driver
• Details: An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589. [NIST-CVE-2017-0604]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2017-0604]
• Fixed on: 2015-04-20 [QC-CR#826589]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-0604]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

Use-After-Free camera driver exploit

(json)

• CVE numbers: CVE-2015-0568 [camera-driver-coreteam][archived]
• Coordinated disclosure?: true
• Categories: system
• Details: A use-after-free vulnerability in the camera driver of Qualcomm MSM 7x30 SoCs [camera-driver-coreteam][archived]
• Discovered by: Chiachih Wu and Yanfeng Wang [camera-driver-coreteam][archived] on: Unknown
• Reported on: 2015-06-05 [camera-driver-coreteam][archived]
• Fixed on: 2015-08-13 [camera-driver-coreteam][archived]
• Fix released on: 2015-08-21 [camera-driver-coreteam][archived]
• Affected versions: Linux kernel 3.x [nvd-camera-driver] regex:
• Affected devices: All devices using Qualcomm MSM 7x30 SoCs [camera-driver-coreteam][archived]
• Affected manufacturers: Qualcomm [camera-driver-coreteam][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

CVE-2015-8892

(json)

• CVE numbers: CVE-2015-8892 [Bulletin-CVE-2015-8892]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm components
• Details: platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998. [NIST-CVE-2015-8892]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2015-8892]
• Fixed on: 2015-09-08 [QC-CR902998]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8892]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

QSEE privilege escalation

(json)

• CVE numbers: CVE-2015-6639 [qsee-blog][archived]
• Coordinated disclosure?: true
• Categories: system
• Details: A vulnerability in the driver for Qualcomm's Trusted Excecution Environment allows code execution in this environment [qsee-blog][archived]
• Discovered by: Gal Beniamini (laginimaineb) [qsee-blog][archived] on: Unknown
• Reported on: 2015-09-27 [qsee-blog][archived]
• Fixed on: 2015-12-14 [qsee-blog][archived]
• Fix released on: 2015-12-14 [qsee-blog][archived]
• Affected versions: 5.0-5.1.1 and 6.0 [cvedetails-qsee] regex: (5.0.[0-9])|(5.1.[0-1])|(6.0.[0-9])
• Affected devices: Several, including Droid Turbo, Nexus 6 and Moto X 2nd Gen [qsee-blog][archived]
• Affected manufacturers: Qualcomm [qsee-blog][archived]
• Fixed versions: 5.1.1 LMY94F, 6.0 [cvedetails-qsee]
• Submission: by: Daniel Carter, on: 2019-07-09

Qualcomm TrustZone

(json)

• CVE numbers: CVE-2016-2431 [trustzone-blog][archived]
• Coordinated disclosure?: true
• Categories: kernel
• Details: An exploit which allows code execution within the TrustZone kernel. This may allow capturing of secret keys, disabling of hardware protection and unlocking locked bootloaders [trustzone-blog][archived]
• Discovered by: Gal Beniamini (laginimaineb) [trustzone-blog][archived] on: Unknown
• Reported on: 2015-10-13 [trustzone-blog][archived]
• Fixed on: 2016-05-02 [trustzone-blog][archived]
• Fix released on: 2016-05-02 [trustzone-blog][archived]
• Affected versions: 6.0.1 [cvedetails-qualcomm-trustzone] regex:
• Affected devices: Many devices using Qualcomm SoCs, including Nexus 5, Nexus 6 and Nexus 7 (2013) [trustzone-bulletin]
• Affected manufacturers: Qualcomm [trustzone-bulletin]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

CVE-2016-0844

(json)

• CVE numbers: CVE-2016-0844 [Bulletin-CVE-2016-0844]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm RF component
• Details: The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307. [NIST-CVE-2016-0844]
• Discovered by: on: Unknown
• Reported on: 2016-04-02 [Bulletin-CVE-2016-0844]
• Fixed on: 2016-01-05 [ANDROID-26324307]
• Fix released on: Unknown
• Affected versions: 6.0, 6.0.1 [Bulletin-CVE-2016-0844] regex: (6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-0844]
• Fixed versions: 6.0, 6.0.1 [Bulletin-CVE-2016-0844]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-0805

(json)

• CVE numbers: CVE-2016-0805 [Bulletin-CVE-2016-0805]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Performance Module
• Details: The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204. [NIST-CVE-2016-0805]
• Discovered by: on: Unknown
• Reported on: 2016-02-01 [Bulletin-CVE-2016-0805]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0805] regex: (4.4.4)|(5.0.[0-9])|(5.1.1)|(6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-0805]
• Fixed versions: 4.4.4, 5.0, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0805]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-0806

(json)

• CVE numbers: CVE-2016-0806 [Bulletin-CVE-2016-0806]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
• Details: The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453. [NIST-CVE-2016-0806]
• Discovered by: on: Unknown
• Reported on: 2016-02-01 [Bulletin-CVE-2016-0806]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0806] regex: (4.4.4)|(5.0.[0-9])|(5.1.1)|(6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-0806]
• Fixed versions: 4.4.4, 5.0, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0806]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-0819

(json)

• CVE numbers: CVE-2016-0819 [Bulletin-CVE-2016-0819]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in the Qualcomm Performance Component
• Details: The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034. [NIST-CVE-2016-0819]
• Discovered by: on: Unknown
• Reported on: 2016-03-01 [Bulletin-CVE-2016-0819]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0819] regex: (4.4.4)|(5.0.2)|(5.1.1)|(6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-0819]
• Fixed versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0819]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2067

(json)

• CVE numbers: CVE-2016-2067 [Bulletin-CVE-2016-2067]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993. [NIST-CVE-2016-2067]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-2067]
• Fixed on: 2016-03-17 [QC-CR988993]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2067]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8422

(json)

• CVE numbers: CVE-2016-8422 [Bulletin-CVE-2016-8422]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm bootloader
• Details: An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31471220. References: QC-CR#979426. [NIST-CVE-2016-8422]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8422]
• Fixed on: 2016-03-18 [QC-CR#979426]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8422]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-0843

(json)

• CVE numbers: CVE-2016-0843 [Bulletin-CVE-2016-0843]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Performance Module
• Details: The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197. [NIST-CVE-2016-0843]
• Discovered by: on: Unknown
• Reported on: 2016-04-02 [Bulletin-CVE-2016-0843]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0843] regex: (4.4.4)|(5.0.2)|(5.1.1)|(6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-0843]
• Fixed versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2016-0843]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2015-0569

(json)

• CVE numbers: CVE-2015-0569 [Bulletin-CVE-2015-0569]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
• Details: Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter. [NIST-CVE-2015-0569]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2015-0569]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-0569]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2015-0570

(json)

• CVE numbers: CVE-2015-0570 [Bulletin-CVE-2015-0570]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
• Details: Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. [NIST-CVE-2015-0570]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2015-0570]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-0570]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2431

(json)

• CVE numbers: CVE-2016-2431 [Bulletin-CVE-2016-2431]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm TrustZone
• Details: The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809. [NIST-CVE-2016-2431]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2431]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2431]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2432

(json)

• CVE numbers: CVE-2016-2432 [Bulletin-CVE-2016-2432]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm TrustZone
• Details: The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059. [NIST-CVE-2016-2432]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2432]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2432]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8423

(json)

• CVE numbers: CVE-2016-8423 [Bulletin-CVE-2016-8423]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm bootloader
• Details: An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31399736. References: QC-CR#1000546. [NIST-CVE-2016-8423]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8423]
• Fixed on: 2016-05-04 [QC-CR#1000546]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8423]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8436

(json)

• CVE numbers: CVE-2016-8436 [Bulletin-CVE-2016-8436]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm video driver
• Details: An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32450261. References: QC-CR#1007860. [NIST-CVE-2016-8436]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8436]
• Fixed on: 2016-05-12 [QC-CR#1007860]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8436]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-2062

(json)

• CVE numbers: CVE-2016-2062 [Bulletin-CVE-2016-2062]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm GPU Driver
• Details: The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call. [NIST-CVE-2016-2062]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2062]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2062]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2465

(json)

• CVE numbers: CVE-2016-2465 [Bulletin-CVE-2016-2465]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Video Driver
• Details: The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865. [NIST-CVE-2016-2465]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2465]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2465]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2466

(json)

• CVE numbers: CVE-2016-2466 [Bulletin-CVE-2016-2466]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Sound Driver
• Details: The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307. [NIST-CVE-2016-2466]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2466]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2466]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2467

(json)

• CVE numbers: CVE-2016-2467 [Bulletin-CVE-2016-2467]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Sound Driver
• Details: The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010. [NIST-CVE-2016-2467]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2467]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2467]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2468

(json)

• CVE numbers: CVE-2016-2468 [Bulletin-CVE-2016-2468]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm GPU Driver
• Details: The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454. [NIST-CVE-2016-2468]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2468]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2468]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2474

(json)

• CVE numbers: CVE-2016-2474 [Bulletin-CVE-2016-2474]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
• Details: The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. [NIST-CVE-2016-2474]
• Discovered by: on: Unknown
• Reported on: 2016-06-01 [Bulletin-CVE-2016-2474]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2474]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2503

(json)

• CVE numbers: CVE-2016-2503 [Bulletin-CVE-2016-2503]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067. [NIST-CVE-2016-2503]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-2503]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2503]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3768

(json)

• CVE numbers: CVE-2016-3768 [Bulletin-CVE-2016-3768]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm performance component
• Details: The Qualcomm performance component in Android before 2016-07-05 on Nexus 5, 6, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28172137 and Qualcomm internal bug CR1010644. [NIST-CVE-2016-3768]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3768]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3768]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-10275

(json)

• CVE numbers: CVE-2016-10275 [Bulletin-CVE-2016-10275]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm bootloader
• Details: An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111. [NIST-CVE-2016-10275]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10275]
• Fixed on: 2016-07-05 [QC-CR#1009111]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10275]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-2504

(json)

• CVE numbers: CVE-2016-2504 [Bulletin-CVE-2016-2504]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026365 and Qualcomm internal bug CR1002974. [NIST-CVE-2016-2504]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2016-2504]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2504]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3842

(json)

• CVE numbers: CVE-2016-3842 [Bulletin-CVE-2016-3842]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974. [NIST-CVE-2016-3842]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2016-3842]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3842]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6725

(json)

• CVE numbers: CVE-2016-6725 [Bulletin-CVE-2016-6725]
• Coordinated disclosure?: unknown
• Categories: Remote code execution vulnerability in Qualcomm crypto driver
• Details: A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970. [NIST-CVE-2016-6725]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6725]
• Fixed on: 2016-08-16 [QC-CR#1050970]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-6725]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3706

(json)

• CVE numbers: CVE-2016-3706 [Bulletin-CVE-2016-3706]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. [NIST-CVE-2016-3706]
• Discovered by: on: Unknown
• Reported on: 2017-12-01 [Bulletin-CVE-2016-3706]
• Fixed on: 2016-09-09 [QC-CR#1058691]
• Fix released on: 2017-12-05 [Bulletin-CVE-2016-3706]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3706]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-4429

(json)

• CVE numbers: CVE-2016-4429 [Bulletin-CVE-2016-4429]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. [NIST-CVE-2016-4429]
• Discovered by: on: Unknown
• Reported on: 2017-12-01 [Bulletin-CVE-2016-4429]
• Fixed on: 2016-09-09 [QC-CR#1058691]
• Fix released on: 2017-12-05 [Bulletin-CVE-2016-4429]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-4429]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-3926

(json)

• CVE numbers: CVE-2016-3926 [Bulletin-CVE-2016-3926]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953. [NIST-CVE-2016-3926]
• Discovered by: on: Unknown
• Reported on: 2016-10-01 [Bulletin-CVE-2016-3926]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3926]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3927

(json)

• CVE numbers: CVE-2016-3927 [Bulletin-CVE-2016-3927]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244. [NIST-CVE-2016-3927]
• Discovered by: on: Unknown
• Reported on: 2016-10-01 [Bulletin-CVE-2016-3927]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3927]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8418

(json)

• CVE numbers: CVE-2016-8418 [Bulletin-CVE-2016-8418]
• Coordinated disclosure?: unknown
• Categories: Remote code execution vulnerability in Qualcomm crypto driver
• Details: A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions: N/A. Android ID: A-32652894. References: QC-CR#1077457. [NIST-CVE-2016-8418]
• Discovered by: Seven Shen (@lingtongshen) of Trend Micro Mobile Threat Research Team [Discovery-CVE-2016-8418] on: Unknown
• Reported on: 2017-02-01 [Bulletin-CVE-2016-8418]
• Fixed on: 2016-10-24 [QC-CR#1077457]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8418]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-6727

(json)

• CVE numbers: CVE-2016-6727 [Bulletin-CVE-2016-6727]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. [NIST-CVE-2016-6727]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6727]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-6727]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6729

(json)

• CVE numbers: CVE-2016-6729 [Bulletin-CVE-2016-6729]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm bootloader
• Details: An elevation of privilege vulnerability in the Qualcomm bootloader in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30977990. References: Qualcomm QC-CR#977684. [NIST-CVE-2016-6729]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6729]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-6729]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-10230

(json)

• CVE numbers: CVE-2016-10230 [Bulletin-CVE-2016-10230]
• Coordinated disclosure?: unknown
• Categories: Remote code execution vulnerability in Qualcomm crypto engine driver
• Details: A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408. [NIST-CVE-2016-10230]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2016-10230]
• Fixed on: 2016-11-28 [QC-CR#1091408]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10230]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8411

(json)

• CVE numbers: CVE-2016-8411 [Bulletin-CVE-2016-8411]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. [NIST-CVE-2016-8411]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-8411]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8411]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-10276

(json)

• CVE numbers: CVE-2016-10276 [Bulletin-CVE-2016-10276]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm bootloader
• Details: An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. References: QC-CR#1094105. [NIST-CVE-2016-10276]
• Discovered by: Yang Cheng of Xiaomi Inc. [Discovery-CVE-2016-10276] on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10276]
• Fixed on: 2016-12-02 [QC-CR#1094105]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10276]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8438

(json)

• CVE numbers: CVE-2016-8438 [Bulletin-CVE-2016-8438]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. [NIST-CVE-2016-8438]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8438]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8438]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-8442

(json)

• CVE numbers: CVE-2016-8442 [Bulletin-CVE-2016-8442]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR#1038173. [NIST-CVE-2016-8442]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8442]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8442]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-8443

(json)

• CVE numbers: CVE-2016-8443 [Bulletin-CVE-2016-8443]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR#964185. [NIST-CVE-2016-8443]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8443]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8443]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2017-7371

(json)

• CVE numbers: CVE-2017-7371 [Bulletin-CVE-2017-7371]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth. [NIST-CVE-2017-7371]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2017-7371]
• Fixed on: 2017-01-23 [QC-CR#1101054]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-7371]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0431

(json)

• CVE numbers: CVE-2017-0431 [Bulletin-CVE-2017-0431]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899. [NIST-CVE-2017-0431]
• Discovered by: on: Unknown
• Reported on: 2017-02-01 [Bulletin-CVE-2017-0431]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-0431]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-8479

(json)

• CVE numbers: CVE-2016-8479 [Bulletin-CVE-2016-8479]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31824853. References: QC-CR#1093687. [NIST-CVE-2016-8479]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8479] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8479]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8479]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8484

(json)

• CVE numbers: CVE-2016-8484 [Bulletin-CVE-2016-8484]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575. [NIST-CVE-2016-8484]
• Discovered by: on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8484]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8484]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8485

(json)

• CVE numbers: CVE-2016-8485 [Bulletin-CVE-2016-8485]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823681. [NIST-CVE-2016-8485]
• Discovered by: on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8485]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8485]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8486

(json)

• CVE numbers: CVE-2016-8486 [Bulletin-CVE-2016-8486]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823691. [NIST-CVE-2016-8486]
• Discovered by: on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8486]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8486]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8487

(json)

• CVE numbers: CVE-2016-8487 [Bulletin-CVE-2016-8487]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724. [NIST-CVE-2016-8487]
• Discovered by: on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8487]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8487]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8488

(json)

• CVE numbers: CVE-2016-8488 [Bulletin-CVE-2016-8488]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-31625756. [NIST-CVE-2016-8488]
• Discovered by: on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8488]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8488]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9931

(json)

• CVE numbers: CVE-2014-9931 [Bulletin-CVE-2014-9931]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. [NIST-CVE-2014-9931]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9931]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9931]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9932

(json)

• CVE numbers: CVE-2014-9932 [Bulletin-CVE-2014-9932]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. [NIST-CVE-2014-9932]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9932]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9932]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9933

(json)

• CVE numbers: CVE-2014-9933 [Bulletin-CVE-2014-9933]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. [NIST-CVE-2014-9933]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9933]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9933]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9934

(json)

• CVE numbers: CVE-2014-9934 [Bulletin-CVE-2014-9934]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. [NIST-CVE-2014-9934]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9934]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9934]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9935

(json)

• CVE numbers: CVE-2014-9935 [Bulletin-CVE-2014-9935]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2014-9935]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9935]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9935]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9936

(json)

• CVE numbers: CVE-2014-9936 [Bulletin-CVE-2014-9936]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2014-9936]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9936]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9936]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9937

(json)

• CVE numbers: CVE-2014-9937 [Bulletin-CVE-2014-9937]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2014-9937]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2014-9937]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9937]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-8995

(json)

• CVE numbers: CVE-2015-8995 [Bulletin-CVE-2015-8995]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-8995]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-8995]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8995]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-8996

(json)

• CVE numbers: CVE-2015-8996 [Bulletin-CVE-2015-8996]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-8996]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-8996]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8996]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-8997

(json)

• CVE numbers: CVE-2015-8997 [Bulletin-CVE-2015-8997]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-8997]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-8997]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8997]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-8998

(json)

• CVE numbers: CVE-2015-8998 [Bulletin-CVE-2015-8998]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-8998]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-8998]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8998]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-8999

(json)

• CVE numbers: CVE-2015-8999 [Bulletin-CVE-2015-8999]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file. [NIST-CVE-2015-8999]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-8999]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-8999]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9000

(json)

• CVE numbers: CVE-2015-9000 [Bulletin-CVE-2015-9000]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-9000]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-9000]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9000]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9001

(json)

• CVE numbers: CVE-2015-9001 [Bulletin-CVE-2015-9001]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-9001]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-9001]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9001]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9002

(json)

• CVE numbers: CVE-2015-9002 [Bulletin-CVE-2015-9002]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-9002]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-9002]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9002]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9003

(json)

• CVE numbers: CVE-2015-9003 [Bulletin-CVE-2015-9003]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel. [NIST-CVE-2015-9003]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2015-9003]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9003]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10237

(json)

• CVE numbers: CVE-2016-10237 [Bulletin-CVE-2016-10237]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory. [NIST-CVE-2016-10237]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2016-10237]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10237]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10238

(json)

• CVE numbers: CVE-2016-10238 [Bulletin-CVE-2016-10238]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue. [NIST-CVE-2016-10238]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2016-10238]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10238]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10242

(json)

• CVE numbers: CVE-2016-10242 [Bulletin-CVE-2016-10242]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel. [NIST-CVE-2016-10242]
• Discovered by: on: Unknown
• Reported on: 2017-04-01 [Bulletin-CVE-2016-10242]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10242]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9923

(json)

• CVE numbers: CVE-2014-9923 [Bulletin-CVE-2014-9923]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. [NIST-CVE-2014-9923]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9923]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9923]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9924

(json)

• CVE numbers: CVE-2014-9924 [Bulletin-CVE-2014-9924]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. [NIST-CVE-2014-9924]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9924]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9924]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9925

(json)

• CVE numbers: CVE-2014-9925 [Bulletin-CVE-2014-9925]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. [NIST-CVE-2014-9925]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9925]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9925]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9926

(json)

• CVE numbers: CVE-2014-9926 [Bulletin-CVE-2014-9926]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. [NIST-CVE-2014-9926]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9926]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9926]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9927

(json)

• CVE numbers: CVE-2014-9927 [Bulletin-CVE-2014-9927]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. [NIST-CVE-2014-9927]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9927]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9927]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9928

(json)

• CVE numbers: CVE-2014-9928 [Bulletin-CVE-2014-9928]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. [NIST-CVE-2014-9928]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9928]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9928]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9929

(json)

• CVE numbers: CVE-2014-9929 [Bulletin-CVE-2014-9929]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. [NIST-CVE-2014-9929]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9929]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9929]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2014-9930

(json)

• CVE numbers: CVE-2014-9930 [Bulletin-CVE-2014-9930]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. [NIST-CVE-2014-9930]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2014-9930]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9930]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2015-9005

(json)

• CVE numbers: CVE-2015-9005 [Bulletin-CVE-2015-9005]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. [NIST-CVE-2015-9005]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2015-9005]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9005]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2015-9006

(json)

• CVE numbers: CVE-2015-9006 [Bulletin-CVE-2015-9006]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. [NIST-CVE-2015-9006]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2015-9006]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9006]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2015-9007

(json)

• CVE numbers: CVE-2015-9007 [Bulletin-CVE-2015-9007]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. [NIST-CVE-2015-9007]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2015-9007]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9007]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-10240

(json)

• CVE numbers: CVE-2016-10240 [Bulletin-CVE-2016-10240]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10240]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10240]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-10241

(json)

• CVE numbers: CVE-2016-10241 [Bulletin-CVE-2016-10241]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10241]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10241]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2016-10297

(json)

• CVE numbers: CVE-2016-10297 [Bulletin-CVE-2016-10297]
• Coordinated disclosure?: unknown
• Categories: Vulnerabilities in Qualcomm components
• Details: In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. [NIST-CVE-2016-10297]
• Discovered by: on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2016-10297]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10297]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-30

CVE-2017-9714

(json)

• CVE numbers: CVE-2017-9714 [Bulletin-CVE-2017-9714]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request. [NIST-CVE-2017-9714]
• Discovered by: on: Unknown
• Reported on: 2017-10-01 [Bulletin-CVE-2017-9714]
• Fixed on: 2017-05-16 [QC-CR#2046578]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-9714]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9953

(json)

• CVE numbers: CVE-2014-9953 [Bulletin-CVE-2014-9953]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770. [NIST-CVE-2014-9953]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2014-9953]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9953]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9960

(json)

• CVE numbers: CVE-2014-9960 [Bulletin-CVE-2014-9960]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. [NIST-CVE-2014-9960]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2014-9960]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9960]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9961

(json)

• CVE numbers: CVE-2014-9961 [Bulletin-CVE-2014-9961]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. [NIST-CVE-2014-9961]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2014-9961]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9961]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2014-9967

(json)

• CVE numbers: CVE-2014-9967 [Bulletin-CVE-2014-9967]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. [NIST-CVE-2014-9967]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2014-9967]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9967]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9008

(json)

• CVE numbers: CVE-2015-9008 [Bulletin-CVE-2015-9008]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689. [NIST-CVE-2015-9008]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9008]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9008]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9009

(json)

• CVE numbers: CVE-2015-9009 [Bulletin-CVE-2015-9009]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600. [NIST-CVE-2015-9009]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9009]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9009]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9010

(json)

• CVE numbers: CVE-2015-9010 [Bulletin-CVE-2015-9010]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101. [NIST-CVE-2015-9010]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9010]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9010]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9011

(json)

• CVE numbers: CVE-2015-9011 [Bulletin-CVE-2015-9011]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714882. [NIST-CVE-2015-9011]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9011]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9011]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9012

(json)

• CVE numbers: CVE-2015-9012 [Bulletin-CVE-2015-9012]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691. [NIST-CVE-2015-9012]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9012]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9012]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9013

(json)

• CVE numbers: CVE-2015-9013 [Bulletin-CVE-2015-9013]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393251. [NIST-CVE-2015-9013]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9013]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9013]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9014

(json)

• CVE numbers: CVE-2015-9014 [Bulletin-CVE-2015-9014]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393750. [NIST-CVE-2015-9014]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9014]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9014]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9015

(json)

• CVE numbers: CVE-2015-9015 [Bulletin-CVE-2015-9015]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120. [NIST-CVE-2015-9015]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9015]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9015]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9024

(json)

• CVE numbers: CVE-2015-9024 [Bulletin-CVE-2015-9024]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. [NIST-CVE-2015-9024]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9024]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9024]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9026

(json)

• CVE numbers: CVE-2015-9026 [Bulletin-CVE-2015-9026]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. [NIST-CVE-2015-9026]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9026]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9026]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9027

(json)

• CVE numbers: CVE-2015-9027 [Bulletin-CVE-2015-9027]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. [NIST-CVE-2015-9027]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9027]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9027]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2015-9029

(json)

• CVE numbers: CVE-2015-9029 [Bulletin-CVE-2015-9029]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory. [NIST-CVE-2015-9029]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2015-9029]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2015-9029]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10298

(json)

• CVE numbers: CVE-2016-10298 [Bulletin-CVE-2016-10298]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252. [NIST-CVE-2016-10298]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10298]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10298]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10299

(json)

• CVE numbers: CVE-2016-10299 [Bulletin-CVE-2016-10299]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32577244. [NIST-CVE-2016-10299]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10299]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10299]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10333

(json)

• CVE numbers: CVE-2016-10333 [Bulletin-CVE-2016-10333]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS. [NIST-CVE-2016-10333]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10333]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10333]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10334

(json)

• CVE numbers: CVE-2016-10334 [Bulletin-CVE-2016-10334]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten. [NIST-CVE-2016-10334]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10334]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10334]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10335

(json)

• CVE numbers: CVE-2016-10335 [Bulletin-CVE-2016-10335]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, libtomcrypt was updated. [NIST-CVE-2016-10335]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10335]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10335]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10336

(json)

• CVE numbers: CVE-2016-10336 [Bulletin-CVE-2016-10336]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot. [NIST-CVE-2016-10336]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10336]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10336]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10338

(json)

• CVE numbers: CVE-2016-10338 [Bulletin-CVE-2016-10338]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. [NIST-CVE-2016-10338]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10338]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10338]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10339

(json)

• CVE numbers: CVE-2016-10339 [Bulletin-CVE-2016-10339]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore. [NIST-CVE-2016-10339]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10339]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10339]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10340

(json)

• CVE numbers: CVE-2016-10340 [Bulletin-CVE-2016-10340]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler. [NIST-CVE-2016-10340]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10340]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10340]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-10341

(json)

• CVE numbers: CVE-2016-10341 [Bulletin-CVE-2016-10341]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. [NIST-CVE-2016-10341]
• Discovered by: on: Unknown
• Reported on: 2017-06-01 [Bulletin-CVE-2016-10341]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10341]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-11013

(json)

• CVE numbers: CVE-2017-11013 [Bulletin-CVE-2017-11013]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound". [NIST-CVE-2017-11013]
• Discovered by: on: Unknown
• Reported on: 2017-11-01 [Bulletin-CVE-2017-11013]
• Fixed on: 2017-06-30 [QC-CR#2058261]
• Fix released on: 2017-11-06 [Bulletin-CVE-2017-11013]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11013]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-11014

(json)

• CVE numbers: CVE-2017-11014 [Bulletin-CVE-2017-11014]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur. [NIST-CVE-2017-11014]
• Discovered by: on: Unknown
• Reported on: 2017-11-01 [Bulletin-CVE-2017-11014]
• Fixed on: 2017-07-05 [QC-CR#2060959]
• Fix released on: 2017-11-06 [Bulletin-CVE-2017-11014]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11014]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-11015

(json)

• CVE numbers: CVE-2017-11015 [Bulletin-CVE-2017-11015]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the driver can not handle challenge text larger than 128 bytes. [NIST-CVE-2017-11015]
• Discovered by: on: Unknown
• Reported on: 2017-11-01 [Bulletin-CVE-2017-11015]
• Fixed on: 2017-07-05 [QC-CR#2060959]
• Fix released on: 2017-11-06 [Bulletin-CVE-2017-11015]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11015]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-11043

(json)

• CVE numbers: CVE-2017-11043 [Bulletin-CVE-2017-11043]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur. [NIST-CVE-2017-11043]
• Discovered by: on: Unknown
• Reported on: 2017-12-01 [Bulletin-CVE-2017-11043]
• Fixed on: 2017-07-12 [QC-CR#2067820]
• Fix released on: 2017-12-05 [Bulletin-CVE-2017-11043]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11043]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-18067

(json)

• CVE numbers: CVE-2017-18067 [Bulletin-CVE-2017-18067]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in lim_send_auth_mgmt_frame() leads to buffer overflow. [NIST-CVE-2017-18067]
• Discovered by: on: Unknown
• Reported on: 2018-03-01 [Bulletin-CVE-2017-18067]
• Fixed on: 2017-07-27 [2]
• Fix released on: 2018-03-05 [Bulletin-CVE-2017-18067]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18067]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-15860

(json)

• CVE numbers: CVE-2017-15860 [Bulletin-CVE-2017-15860]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur. [NIST-CVE-2017-15860]
• Discovered by: on: Unknown
• Reported on: 2018-02-01 [Bulletin-CVE-2017-15860]
• Fixed on: 2017-07-31 [QC-CR#2082544]
• Fix released on: 2018-02-05 [Bulletin-CVE-2017-15860]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-15860]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-15815

(json)

• CVE numbers: CVE-2017-15815 [Bulletin-CVE-2017-15815]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame. [NIST-CVE-2017-15815]
• Discovered by: on: Unknown
• Reported on: 2018-03-01 [Bulletin-CVE-2017-15815]
• Fixed on: 2017-08-31 [QC-CR#2093392]
• Fix released on: 2018-03-05 [Bulletin-CVE-2017-15815]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-15815]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-11041

(json)

• CVE numbers: CVE-2017-11041 [Bulletin-CVE-2017-11041]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. [NIST-CVE-2017-11041]
• Discovered by: on: Unknown
• Reported on: 2017-09-01 [Bulletin-CVE-2017-11041]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11041]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-11053

(json)

• CVE numbers: CVE-2017-11053 [Bulletin-CVE-2017-11053]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame(). [NIST-CVE-2017-11053]
• Discovered by: Scott Bauer (@ScottyBauer1) [Discovery-CVE-2017-11053] on: Unknown
• Reported on: 2017-10-01 [Bulletin-CVE-2017-11053]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11053]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-15822

(json)

• CVE numbers: CVE-2017-15822 [Bulletin-CVE-2017-15822]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur. [NIST-CVE-2017-15822]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2017-15822]
• Fixed on: 2017-10-12 [QC-CR#2123807]
• Fix released on: 2018-04-05 [Bulletin-CVE-2017-15822]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-15822]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-3565

(json)

• CVE numbers: CVE-2018-3565 [Bulletin-CVE-2018-3565]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. [NIST-CVE-2018-3565]
• Discovered by: on: Unknown
• Reported on: 2018-05-01 [Bulletin-CVE-2018-3565]
• Fixed on: 2017-11-07 [QC-CR#2138555]
• Fix released on: 2018-05-05 [Bulletin-CVE-2018-3565]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-3565]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-3580

(json)

• CVE numbers: CVE-2018-3580 [Bulletin-CVE-2018-3580]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. [NIST-CVE-2018-3580]
• Discovered by: on: Unknown
• Reported on: 2018-05-01 [Bulletin-CVE-2018-3580]
• Fixed on: 2017-11-29 [QC-CR#2149187]
• Fix released on: 2018-05-05 [Bulletin-CVE-2018-3580]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-3580]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-6211

(json)

• CVE numbers: CVE-2017-6211 [Bulletin-CVE-2017-6211]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur. [NIST-CVE-2017-6211]
• Discovered by: on: Unknown
• Reported on: 2017-12-01 [Bulletin-CVE-2017-6211]
• Fixed on: Unknown
• Fix released on: 2017-12-05 [Bulletin-CVE-2017-6211]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-6211]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2018-3569

(json)

• CVE numbers: CVE-2018-3569 [Bulletin-CVE-2018-3569]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: A buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. [NIST-CVE-2018-3569]
• Discovered by: on: Unknown
• Reported on: 2018-06-01 [Bulletin-CVE-2018-3569]
• Fixed on: 2017-12-20 [QC-CR#2161920]
• Fix released on: 2018-06-05 [Bulletin-CVE-2018-3569]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-3569]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-14911

(json)

• CVE numbers: CVE-2017-14911 [Bulletin-CVE-2017-14911]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config. [NIST-CVE-2017-14911]
• Discovered by: on: Unknown
• Reported on: 2018-01-01 [Bulletin-CVE-2017-14911]
• Fixed on: Unknown
• Fix released on: 2018-01-05 [Bulletin-CVE-2017-14911]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-14911]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5854

(json)

• CVE numbers: CVE-2018-5854 [Bulletin-CVE-2018-5854]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. [NIST-CVE-2018-5854]
• Discovered by: on: Unknown
• Reported on: 2018-06-01 [Bulletin-CVE-2018-5854]
• Fixed on: 2018-02-02 [QC-CR#2183877]
• Fix released on: 2018-06-05 [Bulletin-CVE-2018-5854]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5854]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5872

(json)

• CVE numbers: CVE-2018-5872 [Bulletin-CVE-2018-5872]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. [NIST-CVE-2018-5872]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-5872]
• Fixed on: 2018-02-07 [QC-CR#2183014]
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-5872]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5872]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-17773

(json)

• CVE numbers: CVE-2017-17773 [Bulletin-CVE-2017-17773]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow. [NIST-CVE-2017-17773]
• Discovered by: on: Unknown
• Reported on: 2018-03-01 [Bulletin-CVE-2017-17773]
• Fixed on: Unknown
• Fix released on: 2018-03-05 [Bulletin-CVE-2017-17773]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-17773]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2014-9996

(json)

• CVE numbers: CVE-2014-9996 [Bulletin-CVE-2014-9996]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components 2014-2016 cumulative update
• Details: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur. [NIST-CVE-2014-9996]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2014-9996]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2014-9996]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2014-9996]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18071

(json)

• CVE numbers: CVE-2017-18071 [Bulletin-CVE-2017-18071]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, debug policy can potentially be bypassed. [NIST-CVE-2017-18071]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2017-18071]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2017-18071]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18071]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18128

(json)

• CVE numbers: CVE-2017-18128 [Bulletin-CVE-2017-18128]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data. [NIST-CVE-2017-18128]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2017-18128]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2017-18128]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18128]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18146

(json)

• CVE numbers: CVE-2017-18146 [Bulletin-CVE-2017-18146]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail. [NIST-CVE-2017-18146]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2017-18146]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2017-18146]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18146]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-8274

(json)

• CVE numbers: CVE-2017-8274 [Bulletin-CVE-2017-8274]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, an access control vulnerability exists in Core. [NIST-CVE-2017-8274]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2017-8274]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2017-8274]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-8274]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-3591

(json)

• CVE numbers: CVE-2018-3591 [Bulletin-CVE-2018-3591]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the default build configuration of deviceprogrammer in BOOT.BF.3.0 enables the flag SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM which will open up the peek and poke commands to any memory location on the target. [NIST-CVE-2018-3591]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2018-3591]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2018-3591]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-3591]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-3592

(json)

• CVE numbers: CVE-2018-3592 [Bulletin-CVE-2018-3592]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, added a change to check if the pointer has been reset to NULL or not, before writing to the memory pointed by the pointer. [NIST-CVE-2018-3592]
• Discovered by: on: Unknown
• Reported on: 2018-04-01 [Bulletin-CVE-2018-3592]
• Fixed on: Unknown
• Fix released on: 2018-04-05 [Bulletin-CVE-2018-3592]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-3592]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11262

(json)

• CVE numbers: CVE-2018-11262 [Bulletin-CVE-2018-11262]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT. [NIST-CVE-2018-11262]
• Discovered by: Xuan Xing of Google [Discovery-CVE-2018-11262] on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-11262]
• Fixed on: 2018-04-10 [QC-CR#2221192]
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-11262]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11262]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2017-18155

(json)

• CVE numbers: CVE-2017-18155 [Bulletin-CVE-2017-18155]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault. [NIST-CVE-2017-18155]
• Discovered by: on: Unknown
• Reported on: 2018-06-01 [Bulletin-CVE-2017-18155]
• Fixed on: Unknown
• Fix released on: 2018-06-05 [Bulletin-CVE-2017-18155]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18155]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11940

(json)

• CVE numbers: CVE-2018-11940 [Bulletin-CVE-2018-11940]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 [NIST-CVE-2018-11940]
• Discovered by: Pengfei Ding (丁鹏飞) of Huawei [Discovery-CVE-2018-11940] on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-11940]
• Fixed on: 2018-06-08 [QC-CR#2254946]
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-11940]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11940]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2016-2108

(json)

• CVE numbers: CVE-2016-2108 [Bulletin-CVE-2016-2108]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. [NIST-CVE-2016-2108]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2016-2108]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2016-2108]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2108]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18171

(json)

• CVE numbers: CVE-2017-18171 [Bulletin-CVE-2017-18171]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. [NIST-CVE-2017-18171]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2017-18171]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2017-18171]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18171]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11257

(json)

• CVE numbers: CVE-2018-11257 [Bulletin-CVE-2018-11257]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850. [NIST-CVE-2018-11257]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-11257]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-11257]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11257]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11259

(json)

• CVE numbers: CVE-2018-11259 [Bulletin-CVE-2018-11259]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition. [NIST-CVE-2018-11259]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-11259]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-11259]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11259]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5874

(json)

• CVE numbers: CVE-2018-5874 [Bulletin-CVE-2018-5874]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. [NIST-CVE-2018-5874]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-5874]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-5874]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5874]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5875

(json)

• CVE numbers: CVE-2018-5875 [Bulletin-CVE-2018-5875]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. [NIST-CVE-2018-5875]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-5875]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-5875]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5875]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5876

(json)

• CVE numbers: CVE-2018-5876 [Bulletin-CVE-2018-5876]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. [NIST-CVE-2018-5876]
• Discovered by: on: Unknown
• Reported on: 2018-07-01 [Bulletin-CVE-2018-5876]
• Fixed on: Unknown
• Fix released on: 2018-07-05 [Bulletin-CVE-2018-5876]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5876]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2019-2269

(json)

• CVE numbers: CVE-2019-2269 [Bulletin-CVE-2019-2269]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-06-01 [Bulletin-CVE-2019-2269]
• Fixed on: 2018-07-11 [QC-CR#2264429]
• Fix released on: 2019-06-05 [Bulletin-CVE-2019-2269]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2269]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11817

(json)

• CVE numbers: CVE-2018-11817 [Bulletin-CVE-2018-11817]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-03-01 [Bulletin-CVE-2018-11817]
• Fixed on: 2018-07-18 [QC-CR#2241830]
• Fix released on: 2019-03-05 [Bulletin-CVE-2018-11817]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11817]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2017-18296

(json)

• CVE numbers: CVE-2017-18296 [Bulletin-CVE-2017-18296]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. [NIST-CVE-2017-18296]
• Discovered by: on: Unknown
• Reported on: 2018-08-01 [Bulletin-CVE-2017-18296]
• Fixed on: Unknown
• Fix released on: 2018-08-05 [Bulletin-CVE-2017-18296]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18296]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18305

(json)

• CVE numbers: CVE-2017-18305 [Bulletin-CVE-2017-18305]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835. [NIST-CVE-2017-18305]
• Discovered by: on: Unknown
• Reported on: 2018-08-01 [Bulletin-CVE-2017-18305]
• Fixed on: Unknown
• Fix released on: 2018-08-05 [Bulletin-CVE-2017-18305]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18305]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18310

(json)

• CVE numbers: CVE-2017-18310 [Bulletin-CVE-2017-18310]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016 [NIST-CVE-2017-18310]
• Discovered by: on: Unknown
• Reported on: 2018-08-01 [Bulletin-CVE-2017-18310]
• Fixed on: Unknown
• Fix released on: 2018-08-05 [Bulletin-CVE-2017-18310]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18310]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2016-10394

(json)

• CVE numbers: CVE-2016-10394 [Bulletin-CVE-2016-10394]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2016-10394]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2016-10394]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-10394]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18311

(json)

• CVE numbers: CVE-2017-18311 [Bulletin-CVE-2017-18311]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016. [NIST-CVE-2017-18311]
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2017-18311]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2017-18311]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18311]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18314

(json)

• CVE numbers: CVE-2017-18314 [Bulletin-CVE-2017-18314]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. [NIST-CVE-2017-18314]
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2017-18314]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2017-18314]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18314]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11824

(json)

• CVE numbers: CVE-2018-11824 [Bulletin-CVE-2018-11824]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660 [NIST-CVE-2018-11824]
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2018-11824]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2018-11824]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11824]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11950

(json)

• CVE numbers: CVE-2018-11950 [Bulletin-CVE-2018-11950]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850 [NIST-CVE-2018-11950]
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2018-11950]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2018-11950]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11950]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5866

(json)

• CVE numbers: CVE-2018-5866 [Bulletin-CVE-2018-5866]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660. [NIST-CVE-2018-5866]
• Discovered by: on: Unknown
• Reported on: 2018-09-01 [Bulletin-CVE-2018-5866]
• Fixed on: Unknown
• Fix released on: 2018-09-05 [Bulletin-CVE-2018-5866]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5866]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18317

(json)

• CVE numbers: CVE-2017-18317 [Bulletin-CVE-2017-18317]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Restrictions related to the modem (sim lock, sim kill) can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A. [NIST-CVE-2017-18317]
• Discovered by: on: Unknown
• Reported on: 2018-11-01 [Bulletin-CVE-2017-18317]
• Fixed on: Unknown
• Fix released on: 2018-11-05 [Bulletin-CVE-2017-18317]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18317]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11264

(json)

• CVE numbers: CVE-2018-11264 [Bulletin-CVE-2018-11264]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660. [NIST-CVE-2018-11264]
• Discovered by: on: Unknown
• Reported on: 2018-11-01 [Bulletin-CVE-2018-11264]
• Fixed on: Unknown
• Fix released on: 2018-11-05 [Bulletin-CVE-2018-11264]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11264]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-11004

(json)

• CVE numbers: CVE-2017-11004 [Bulletin-CVE-2017-11004]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. [NIST-CVE-2017-11004]
• Discovered by: on: Unknown
• Reported on: 2018-12-01 [Bulletin-CVE-2017-11004]
• Fixed on: Unknown
• Fix released on: 2018-12-05 [Bulletin-CVE-2017-11004]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-11004]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-18141

(json)

• CVE numbers: CVE-2017-18141 [Bulletin-CVE-2017-18141]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. [NIST-CVE-2017-18141]
• Discovered by: on: Unknown
• Reported on: 2018-12-01 [Bulletin-CVE-2017-18141]
• Fixed on: Unknown
• Fix released on: 2018-12-05 [Bulletin-CVE-2017-18141]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-18141]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2017-8248

(json)

• CVE numbers: CVE-2017-8248 [Bulletin-CVE-2017-8248]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. [NIST-CVE-2017-8248]
• Discovered by: on: Unknown
• Reported on: 2018-12-01 [Bulletin-CVE-2017-8248]
• Fixed on: Unknown
• Fix released on: 2018-12-05 [Bulletin-CVE-2017-8248]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-8248]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-11279

(json)

• CVE numbers: CVE-2018-11279 [Bulletin-CVE-2018-11279]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-11279]
• Discovered by: on: Unknown
• Reported on: 2018-12-01 [Bulletin-CVE-2018-11279]
• Fixed on: Unknown
• Fix released on: 2018-12-05 [Bulletin-CVE-2018-11279]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11279]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-5913

(json)

• CVE numbers: CVE-2018-5913 [Bulletin-CVE-2018-5913]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-5913]
• Discovered by: on: Unknown
• Reported on: 2018-12-01 [Bulletin-CVE-2018-5913]
• Fixed on: Unknown
• Fix released on: 2018-12-05 [Bulletin-CVE-2018-5913]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5913]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-08-01

CVE-2018-11847

(json)

• CVE numbers: CVE-2018-11847 [Bulletin-CVE-2018-11847]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439 and Snapdragon_High_Med_2016 [NIST-CVE-2018-11847]
• Discovered by: on: Unknown
• Reported on: 2019-01-01 [Bulletin-CVE-2018-11847]
• Fixed on: Unknown
• Fix released on: 2019-01-05 [Bulletin-CVE-2018-11847]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11847]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2287

(json)

• CVE numbers: CVE-2019-2287 [Bulletin-CVE-2019-2287]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-06-01 [Bulletin-CVE-2019-2287]
• Fixed on: 2019-01-18 [2]
• Fix released on: 2019-06-05 [Bulletin-CVE-2019-2287]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2287]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2330

(json)

• CVE numbers: CVE-2019-2330 [Bulletin-CVE-2019-2330]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-07-01 [Bulletin-CVE-2019-2330]
• Fixed on: 2019-01-31 [QC-CR#2379952]
• Fix released on: 2019-07-05 [Bulletin-CVE-2019-2330]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2330]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11289

(json)

• CVE numbers: CVE-2018-11289 [Bulletin-CVE-2018-11289]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. [NIST-CVE-2018-11289]
• Discovered by: derrek (@derrekr6) [Discovery-CVE-2018-11289] on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-11289]
• Fixed on: Unknown
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-11289]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11289]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11820

(json)

• CVE numbers: CVE-2018-11820 [Bulletin-CVE-2018-11820]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 800, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. [NIST-CVE-2018-11820]
• Discovered by: derrek (@derrekr6) [Discovery-CVE-2018-11820] on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-11820]
• Fixed on: Unknown
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-11820]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11820]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11938

(json)

• CVE numbers: CVE-2018-11938 [Bulletin-CVE-2018-11938]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. [NIST-CVE-2018-11938]
• Discovered by: derrek (@derrekr6) [Discovery-CVE-2018-11938] on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-11938]
• Fixed on: Unknown
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-11938]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11938]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11945

(json)

• CVE numbers: CVE-2018-11945 [Bulletin-CVE-2018-11945]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. [NIST-CVE-2018-11945]
• Discovered by: on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-11945]
• Fixed on: Unknown
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-11945]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11945]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2308

(json)

• CVE numbers: CVE-2019-2308 [Bulletin-CVE-2019-2308]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-07-01 [Bulletin-CVE-2019-2308]
• Fixed on: 2019-02-02 [QC-CR#2338800]
• Fix released on: 2019-07-05 [Bulletin-CVE-2019-2308]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2308]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2017-8252

(json)

• CVE numbers: CVE-2017-8252 [Bulletin-CVE-2017-8252]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2017-8252]
• Discovered by: Adrian Tang of Columbia University (CLKSCREW paper) [Discovery-CVE-2017-8252] on: Unknown
• Reported on: 2019-03-01 [Bulletin-CVE-2017-8252]
• Fixed on: Unknown
• Fix released on: 2019-03-05 [Bulletin-CVE-2017-8252]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2017-8252]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11958

(json)

• CVE numbers: CVE-2018-11958 [Bulletin-CVE-2018-11958]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016 [NIST-CVE-2018-11958]
• Discovered by: on: Unknown
• Reported on: 2019-03-01 [Bulletin-CVE-2018-11958]
• Fixed on: Unknown
• Fix released on: 2019-03-05 [Bulletin-CVE-2018-11958]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11958]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-10492

(json)

• CVE numbers: CVE-2019-10492 [Bulletin-CVE-2019-10492]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-08-01 [Bulletin-CVE-2019-10492]
• Fixed on: 2019-03-14 [QC-CR#2389432]
• Fix released on: 2019-08-05 [Bulletin-CVE-2019-10492]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-10492]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-08-12

CVE-2018-11271

(json)

• CVE numbers: CVE-2018-11271 [Bulletin-CVE-2018-11271]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-11271]
• Discovered by: on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-11271]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-11271]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11271]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-11976

(json)

• CVE numbers: CVE-2018-11976 [Bulletin-CVE-2018-11976]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-11976]
• Discovered by: NCC Group [Discovery-CVE-2018-11976] on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-11976]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-11976]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11976]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-12004

(json)

• CVE numbers: CVE-2018-12004 [Bulletin-CVE-2018-12004]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 [NIST-CVE-2018-12004]
• Discovered by: on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-12004]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-12004]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-12004]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-13886

(json)

• CVE numbers: CVE-2018-13886 [Bulletin-CVE-2018-13886]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-13886]
• Discovered by: on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-13886]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-13886]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-13886]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-13887

(json)

• CVE numbers: CVE-2018-13887 [Bulletin-CVE-2018-13887]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130 [NIST-CVE-2018-13887]
• Discovered by: on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-13887]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-13887]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-13887]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2250

(json)

• CVE numbers: CVE-2019-2250 [Bulletin-CVE-2019-2250]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130 [NIST-CVE-2019-2250]
• Discovered by: on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2019-2250]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2019-2250]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2250]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-13898

(json)

• CVE numbers: CVE-2018-13898 [Bulletin-CVE-2018-13898]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-13898]
• Discovered by: derrek (@derrekr6) [Discovery-CVE-2018-13898] on: Unknown
• Reported on: 2019-05-01 [Bulletin-CVE-2018-13898]
• Fixed on: Unknown
• Fix released on: 2019-05-05 [Bulletin-CVE-2018-13898]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-13898]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-5912

(json)

• CVE numbers: CVE-2018-5912 [Bulletin-CVE-2018-5912]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 [NIST-CVE-2018-5912]
• Discovered by: Xiling Gong of Tencent Blade Team [Discovery-CVE-2018-5912] on: Unknown
• Reported on: 2019-05-01 [Bulletin-CVE-2018-5912]
• Fixed on: Unknown
• Fix released on: 2019-05-05 [Bulletin-CVE-2018-5912]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-5912]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2255

(json)

• CVE numbers: CVE-2019-2255 [Bulletin-CVE-2019-2255]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2019-2255]
• Discovered by: on: Unknown
• Reported on: 2019-05-01 [Bulletin-CVE-2019-2255]
• Fixed on: Unknown
• Fix released on: 2019-05-05 [Bulletin-CVE-2019-2255]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2255]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2256

(json)

• CVE numbers: CVE-2019-2256 [Bulletin-CVE-2019-2256]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2019-2256]
• Discovered by: Xiling Gong of Tencent Blade Team [Discovery-CVE-2019-2256] on: Unknown
• Reported on: 2019-05-01 [Bulletin-CVE-2019-2256]
• Fixed on: Unknown
• Fix released on: 2019-05-05 [Bulletin-CVE-2019-2256]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2256]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-13924

(json)

• CVE numbers: CVE-2018-13924 [Bulletin-CVE-2018-13924]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-06-01 [Bulletin-CVE-2018-13924]
• Fixed on: Unknown
• Fix released on: 2019-06-05 [Bulletin-CVE-2018-13924]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-13924]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2018-13927

(json)

• CVE numbers: CVE-2018-13927 [Bulletin-CVE-2018-13927]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-06-01 [Bulletin-CVE-2018-13927]
• Fixed on: Unknown
• Fix released on: 2019-06-05 [Bulletin-CVE-2018-13927]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-13927]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2254

(json)

• CVE numbers: CVE-2019-2254 [Bulletin-CVE-2019-2254]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-07-01 [Bulletin-CVE-2019-2254]
• Fixed on: Unknown
• Fix released on: 2019-07-05 [Bulletin-CVE-2019-2254]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2254]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2322

(json)

• CVE numbers: CVE-2019-2322 [Bulletin-CVE-2019-2322]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-07-01 [Bulletin-CVE-2019-2322]
• Fixed on: Unknown
• Fix released on: 2019-07-05 [Bulletin-CVE-2019-2322]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2322]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-2327

(json)

• CVE numbers: CVE-2019-2327 [Bulletin-CVE-2019-2327]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: on: Unknown
• Reported on: 2019-07-01 [Bulletin-CVE-2019-2327]
• Fixed on: Unknown
• Fix released on: 2019-07-05 [Bulletin-CVE-2019-2327]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-2327]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24

CVE-2019-10539

(json)

• CVE numbers: CVE-2019-10539 [Bulletin-CVE-2019-10539]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: Xiling Gong of Tencent Blade Team [Discovery-CVE-2019-10539] on: Unknown
• Reported on: 2019-08-01 [Bulletin-CVE-2019-10539]
• Fixed on: Unknown
• Fix released on: 2019-08-05 [Bulletin-CVE-2019-10539]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-10539]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-08-12

CVE-2019-10540

(json)

• CVE numbers: CVE-2019-10540 [Bulletin-CVE-2019-10540]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details:
• Discovered by: Xiling Gong of Tencent Blade Team [Discovery-CVE-2019-10540] on: Unknown
• Reported on: 2019-08-01 [Bulletin-CVE-2019-10540]
• Fixed on: Unknown
• Fix released on: 2019-08-05 [Bulletin-CVE-2019-10540]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2019-10540]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-08-12