Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-11268

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-20 Sep, 2018 | 13:00
Updated At-05 Aug, 2024 | 08:01
Rejected At-
Credits

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:20 Sep, 2018 | 13:00
Updated At:05 Aug, 2024 | 08:01
Rejected At:
▼CVE Numbering Authority (CNA)

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
Versions
Affected
  • FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016
Problem Types
TypeCWE IDDescription
textN/AImproper Validation of Array Index in Storage
Type: text
CWE ID: N/A
Description: Improper Validation of Array Index in Storage
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
http://www.securityfocus.com/bid/106845
vdb-entry
x_refsource_BID
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/106845
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/106845
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/106845
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:20 Sep, 2018 | 13:29
Updated At:05 Mar, 2019 | 19:34

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9635m_firmware>>-
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9635m>>-
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9645_firmware>>-
cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9645>>-
cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655_firmware>>-
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655>>-
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd210_firmware>>-
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd210>>-
cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd212_firmware>>-
cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd212>>-
cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd205_firmware>>-
cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd205>>-
cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd425_firmware>>-
cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd425>>-
cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd427_firmware>>-
cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd427>>-
cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd430_firmware>>-
cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd430>>-
cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd435_firmware>>-
cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd435>>-
cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd450_firmware>>-
cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd450>>-
cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd625_firmware>>-
cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd625>>-
cpe:2.3:h:qualcomm:sd625:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd650_firmware>>-
cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd650>>-
cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd652_firmware>>-
cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd652>>-
cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd810_firmware>>-
cpe:2.3:o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd810>>-
cpe:2.3:h:qualcomm:sd810:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd820_firmware>>-
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd820>>-
cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd820a_firmware>>-
cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd820a>>-
cpe:2.3:h:qualcomm:sd820a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd835_firmware>>-
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd835>>-
cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd845_firmware>>-
cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd845>>-
cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-129Primarynvd@nist.gov
CWE ID: CWE-129
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/106845product-security@qualcomm.com
Third Party Advisory
VDB Entry
https://www.qualcomm.com/company/product-security/bulletinsproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/106845
Source: product-security@qualcomm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

684Records found
CVE-2018-11878
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.52%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12013
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.39%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_412sd_415sd_616sd_670_firmwaresdm660sdm630mdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_636sd_710_firmwaresd_615_firmwaresd_210mdm9607sd_636_firmwaresd_845_firmwaresd_410qcs605_firmwaremdm9206sd_212_firmwaresd_850_firmwaremdm9655sd_412_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_8cxsd_670sd_835_firmwaremdm9650_firmwaresd_710sd_410_firmwaresd_835sd_205sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresxr1130sd_616_firmwaresd_205_firmwaresdm660_firmwaresd_212Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-287
Improper Authentication
CVE-2018-11870
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca6584ausd_850mdm9635m_firmwareqca4531_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_425mdm9607_firmwareqca9378mdm9650sd_650_firmwaresd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_845_firmwaresd_820a_firmwaremdm9206sd_652qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwareqca6584au_firmwaresd_625_firmwareqca9377mdm9635mqca4531sda660_firmwaresd_845mdm9206_firmwareqca6584_firmwaresd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwareqca9378_firmwaresd_600_firmwareqca6584qca6574au_firmwaresd_205sd_210_firmwaresd_600sd_652_firmwaresd_835sda660qca9379sd_810_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11898
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11895
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.52%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11965
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.68%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-11836
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11934
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.85%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605mdm9640mdm9650_firmwareqca6574au_firmwaresda660sd_210_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sdx20_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11924
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.85%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:32
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636sm7150_firmwaremsm8996ausd_450_firmwaresd_845_firmwaresm7150sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sdx20_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11850
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca6584ausd_850mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_425mdm9607_firmwaremdm9650sd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_820sd_845_firmwaresd_820a_firmwaremdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwareqca6584au_firmwaresd_625_firmwareqca9377sda660_firmwaresd_845mdm9206_firmwareqca6584_firmwaresd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835qca6584qca6574au_firmwaresd_205sd_210_firmwaresda660qca9379sd_810_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11874
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11867
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11983
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.04%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Error in kernel observed while accessing freed mask pointers after reallocating memory for mask table.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-11938
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_12sd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_625_firmwareipq8074sd_450sd_16_firmwaresd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_52_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_12_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwareqca8081_firmwaresxr1130msm8909wsd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_16sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwareqca8081mdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresd_52sdm630_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11859
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_850sd_845_firmwaresd_850_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11830
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:09
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_820asd_412mdm9655msm8996au_firmwaresd_412_firmwaremdm9206_firmwaremdm9607_firmwaremdm9655_firmwaremdm9650mdm9607mdm9650_firmwaremsm8996ausd_410_firmwaresd_410sd_820a_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11853
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_850sdm636_firmwaresdm632_firmwaresdm632sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9650sdm439sdm429sdm630sd_625ipq8074_firmwaresdm710mdm9607sd_650sdm710_firmwaresd_450_firmwaresd_845_firmwaremdm9206sd_652sd_425_firmwaresd_850_firmwaresd_625_firmwareipq8074sd_450sdm439_firmwaresdm636sdm630_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_427sd_430sd_435_firmwaresd_835_firmwaremdm9650_firmwaresdm429_firmwaresd_835sda660sd_652_firmwaresdm660_firmwaresd_650_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11879
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11861
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_850_firmwaresda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11875
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850_firmwaresd_845sd_850sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11855
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM630, SDM660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_412msm8996au_firmwaresdm660sdm630mdm9607_firmwaremdm9650mdm9655_firmwaresd_636sd_210mdm9607msm8996ausd_636_firmwaresd_820_firmwaresd_820sd_410sd_820a_firmwaresd_212_firmwaremdm9655sd_412_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_8cxsd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sd_210_firmwaresd_205_firmwaresdm660_firmwaresd_212Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11854
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11987
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.62%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-415
Double Free
CVE-2018-11821
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_850sdm636_firmwaresdm632_firmwaresdm632sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9650sdm630sd_625ipq8074_firmwaresdm710mdm9607sd_650sdm710_firmwaresd_450_firmwaresd_845_firmwaremdm9206sd_652sd_425_firmwaresd_850_firmwaresd_625_firmwareipq8074sd_450sdm636sdm630_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_427sd_430sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_652_firmwaresdm660_firmwaresd_650_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11876
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11849
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9635m_firmwareqca4531_firmwaremdm9640_firmwaresd_820asdm632_firmwaremsm8996au_firmwaresdm632qca9378mdm9650qca6574msm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9206sd_652qca6564sd_425_firmwareqca9379_firmwareqca6174aqca6584au_firmwaresd_625_firmwareipq8074sd_450sdm636qca9377mdm9635mqca4531sd_845mdm9206_firmwareqca6574_firmwareqca9886qca6584_firmwaresd_835_firmwaremdm9650_firmwareqca9378_firmwaresd_835qca6584qca6574au_firmwaresda660sd_210_firmwaresd_600sd_652_firmwaresd_205_firmwaresd_212sd_650_firmwaresd_427_firmwareqca6584ausdm636_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sdm630sd_625ipq8074_firmwareqca6574ausdm710sd_820_firmwaresd_210mdm9607sdm710_firmwareqca6174a_firmwareqca9886_firmwaresd_212_firmwareqca6564_firmwaresd_850_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_810sd_435_firmwaresdx20_firmwaresd_600_firmwaresd_205qca9379sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11925
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.87%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:33
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresdx20sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sd_710_firmwaresdm630sd_625ipq8074_firmwaremdm9607sd_636_firmwaresd_450_firmwaresd_845_firmwaremdm9150qcs605_firmwareipq4019_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwareipq8074sd_450sd_855_firmwaresdm660_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605ipq4019sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835ipq8064sda660ipq8064_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12014
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.19%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-11858
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sd_845_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11865
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_850sdm636_firmwaresdm632_firmwaresdm632sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9650sdm439sdm429sdm630sd_625sdm710sd_210mdm9607snapdragon_high_med_2016_firmwaresdm710_firmwaresd_450_firmwaresd_845_firmwaremdm9206sd_425_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sdm439_firmwaresdm636sdm630_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_427sd_430sd_435_firmwaresd_835_firmwaremdm9650_firmwaresdm429_firmwaresd_835sd_205sda660sd_210_firmwaresd_205_firmwaresdm660_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11980
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.79%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresdm636_firmwareapq8064msm8996au_firmwaresdx20msm8998_firmwaresdm660sdx24sdm630mdm9607_firmwaremdm9650sm7150_firmwareqca6574ausm6150mdm9607msm8996auapq8017_firmwaresm7150apq8009_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwareqcs605_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresm8150_firmwaresdx24_firmwareapq8096ausdm636qca9377sdm630_firmwareqcn7605mdm9206_firmwareqcs605sdx55apq8053apq8096au_firmwaresm6150_firmwaremsm8937_firmwaremdm9650_firmwaremsm8998sdx20_firmwaresm8150qca6574au_firmwaresdx55_firmwaresxr1130_firmwareapq8017apq8064_firmwaresxr1130apq8009qca9379apq8053_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-11963
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.19%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11843
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.93%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack fo check on return value in WMA response handler can lead to potential use after free.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-11863
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.10%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11882
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11921
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412msm8996au_firmwaresd_415sd_616sd_425sdx24sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_800sd_845_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_412_firmwaresda845_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresda845sxr1130sd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2018-11852
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.10%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11819
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.85%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_855sd_730_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sd_425sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_625mdm9607msm8996ausd_450_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_730sdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresda660_firmwaremdm9206_firmwareqcs605sd_427sd_430sd_435_firmwaresd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sda660mdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2018-11923
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:31
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sd_710_firmwaresdm630sd_625qca6574aumdm9607msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9150qcs605_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835qca6574au_firmwaresda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11872
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_850_firmwaresda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11847
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439 and Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_632sd_820amsm8996au_firmwaresd_439sd_429sdm439mdm9650sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwareipq8074sd_450sd_8cx_firmwaremdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sd_210_firmwaresd_415_firmwaresd_652_firmwareqca8081_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_412sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_625ipq8074_firmwaresd_210mdm9607sd_820_firmwaresd_439_firmwareqca8081sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_8cxsd_427sd_430sd_435_firmwaresd_410_firmwaresd_205Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11961
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.19%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11871
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9635m_firmwaremdm9640_firmwaresd_820aqca9980_firmwaremsm8996au_firmwaresdm632_firmwaresdm632qca9563_firmwareqca9378mdm9650qca9558qca9558_firmwaresnapdragon_high_med_2016_firmwareqca6574msm8996auqca9880_firmwaresd_650sd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareipq4019_firmwaremdm9206sd_652qca6564sd_425_firmwareqca9379_firmwareqca6174aqca6584au_firmwaresd_625_firmwareipq8074sd_450sdm636qca9377mdm9635msd_845mdm9206_firmwareqca9563qca6574_firmwareqca9886qca6584_firmwaresd_835_firmwaremdm9650_firmwareqca9378_firmwaresd_835qca6584qca6574au_firmwaresda660sd_210_firmwareipq8064sd_652_firmwaresd_600sd_205_firmwareipq8064_firmwaresd_212sd_650_firmwaresd_427_firmwareqca6584ausdm636_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sdm630qca9531sd_625ipq8074_firmwareqca6574ausdm710sd_820_firmwaresd_210mdm9607qca9980sdm710_firmwareqca9880qca6174a_firmwareqca9886_firmwaresd_212_firmwaresnapdragon_high_med_2016qca6564_firmwaresd_850_firmwaresdm630_firmwaresda660_firmwaresd_430ipq4019sd_427sd_435_firmwaresdx20_firmwareqca9531_firmwaresd_600_firmwaresd_205qca9379sdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11950
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850_firmwaresd_845sd_850sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11840
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.22%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-415
Double Free
CVE-2018-11888
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.13%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_632sd_820asd_412msm8996au_firmwaresd_439sd_415sd_616sd_425sd_429sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sd_615sd_650_firmwaresd_625sd_615_firmwaresdm439snapdragon_high_med_2016_firmwaresd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_410sd_439_firmwaresd_820a_firmwaresd_429_firmwaresd_652sd_425_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_625_firmwaresd_450mdm9655sdm439_firmwaresd_412_firmwaresd_8cx_firmwaresd_8cxsd_427sd_430sd_435_firmwaresd_632_firmwaremdm9650_firmwaresd_835_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-862
Missing Authorization
CVE-2018-11886
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.36%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11824
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_850sd_212_firmwaresd_850_firmwaresda660_firmwaresd_845mdm9206_firmwaremdm9607_firmwaremdm9650sd_210mdm9607sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sd_845_firmwaresd_210_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9692
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.57%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-16 Sep, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When an atomic commit is issued on a writeback panel with a NULL output_layer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 13
  • 14
  • Next
Details not found