Vulnerabilites related to Qualcomm Technologies, Inc. - Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
cve-2017-18275
Vulnerability from cvelistv5
Published
2019-05-06 22:43
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm Technologies, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Version: MDM9206 Version: MDM9607 Version: MDM9650 Version: MSM8909W Version: SD 210/SD 212/SD 205 Version: SD 425 Version: SD 430 Version: SD 450 Version: SD 615/16/SD 415 Version: SD 617 Version: SD 625 Version: SD 650/52 Version: SD 820 Version: SD 820A Version: SD 835 Version: SD 845 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm Technologies, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "SD 210/SD 212/SD 205"
},
{
"status": "affected",
"version": "SD 425"
},
{
"status": "affected",
"version": "SD 430"
},
{
"status": "affected",
"version": "SD 450"
},
{
"status": "affected",
"version": "SD 615/16/SD 415"
},
{
"status": "affected",
"version": "SD 617"
},
{
"status": "affected",
"version": "SD 625"
},
{
"status": "affected",
"version": "SD 650/52"
},
{
"status": "affected",
"version": "SD 820"
},
{
"status": "affected",
"version": "SD 820A"
},
{
"status": "affected",
"version": "SD 835"
},
{
"status": "affected",
"version": "SD 845"
}
]
}
],
"datePublic": "2019-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE284: Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T22:43:05",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206"
},
{
"version_value": "MDM9607"
},
{
"version_value": "MDM9650"
},
{
"version_value": "MSM8909W"
},
{
"version_value": "SD 210/SD 212/SD 205"
},
{
"version_value": "SD 425"
},
{
"version_value": "SD 430"
},
{
"version_value": "SD 450"
},
{
"version_value": "SD 615/16/SD 415"
},
{
"version_value": "SD 617"
},
{
"version_value": "SD 625"
},
{
"version_value": "SD 650/52"
},
{
"version_value": "SD 820"
},
{
"version_value": "SD 820A"
},
{
"version_value": "SD 835"
},
{
"version_value": "SD 845"
}
]
}
}
]
},
"vendor_name": "Qualcomm Technologies, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "MISC",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-18275",
"datePublished": "2019-05-06T22:43:05",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18157
Vulnerability from cvelistv5
Published
2019-05-06 22:31
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm Technologies, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Version: MDM9206 Version: MDM9607 Version: MDM9650 Version: MSM8909W Version: MSM8996AU Version: SD 210/SD 212/SD 205 Version: SD 425 Version: SD 450 Version: SD 615/16/SD 415 Version: SD 625 Version: SD 650/52 Version: SD 820 Version: SD 820A Version: SD 835 Version: SD 845 Version: SDX20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:48.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm Technologies, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "SD 210/SD 212/SD 205"
},
{
"status": "affected",
"version": "SD 425"
},
{
"status": "affected",
"version": "SD 450"
},
{
"status": "affected",
"version": "SD 615/16/SD 415"
},
{
"status": "affected",
"version": "SD 625"
},
{
"status": "affected",
"version": "SD 650/52"
},
{
"status": "affected",
"version": "SD 820"
},
{
"status": "affected",
"version": "SD 820A"
},
{
"status": "affected",
"version": "SD 835"
},
{
"status": "affected",
"version": "SD 845"
},
{
"status": "affected",
"version": "SDX20"
}
]
}
],
"datePublic": "2019-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE416: Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T22:31:47",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206"
},
{
"version_value": "MDM9607"
},
{
"version_value": "MDM9650"
},
{
"version_value": "MSM8909W"
},
{
"version_value": "MSM8996AU"
},
{
"version_value": "SD 210/SD 212/SD 205"
},
{
"version_value": "SD 425"
},
{
"version_value": "SD 450"
},
{
"version_value": "SD 615/16/SD 415"
},
{
"version_value": "SD 625"
},
{
"version_value": "SD 650/52"
},
{
"version_value": "SD 820"
},
{
"version_value": "SD 820A"
},
{
"version_value": "SD 835"
},
{
"version_value": "SD 845"
},
{
"version_value": "SDX20"
}
]
}
}
]
},
"vendor_name": "Qualcomm Technologies, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE416: Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-18157",
"datePublished": "2019-05-06T22:31:47",
"dateReserved": "2018-02-05T00:00:00",
"dateUpdated": "2024-08-05T21:13:48.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18274
Vulnerability from cvelistv5
Published
2019-05-06 22:37
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm Technologies, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Version: MDM9206 Version: MDM9607 Version: MDM9650 Version: SD 210/SD 212/SD 205 Version: SD 425 Version: SD 430 Version: SD 450 Version: SD 617 Version: SD 625 Version: SD 650/52 Version: SD 820 Version: SD 820A Version: SD 835 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm Technologies, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "SD 210/SD 212/SD 205"
},
{
"status": "affected",
"version": "SD 425"
},
{
"status": "affected",
"version": "SD 430"
},
{
"status": "affected",
"version": "SD 450"
},
{
"status": "affected",
"version": "SD 617"
},
{
"status": "affected",
"version": "SD 625"
},
{
"status": "affected",
"version": "SD 650/52"
},
{
"status": "affected",
"version": "SD 820"
},
{
"status": "affected",
"version": "SD 820A"
},
{
"status": "affected",
"version": "SD 835"
}
]
}
],
"datePublic": "2019-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE129: Improper Validation of Array Index",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T22:37:54",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206"
},
{
"version_value": "MDM9607"
},
{
"version_value": "MDM9650"
},
{
"version_value": "SD 210/SD 212/SD 205"
},
{
"version_value": "SD 425"
},
{
"version_value": "SD 430"
},
{
"version_value": "SD 450"
},
{
"version_value": "SD 617"
},
{
"version_value": "SD 625"
},
{
"version_value": "SD 650/52"
},
{
"version_value": "SD 820"
},
{
"version_value": "SD 820A"
},
{
"version_value": "SD 835"
}
]
}
}
]
},
"vendor_name": "Qualcomm Technologies, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE129: Improper Validation of Array Index"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "MISC",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-18274",
"datePublished": "2019-05-06T22:37:54",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18278
Vulnerability from cvelistv5
Published
2019-05-06 22:54
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm Technologies, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Version: MDM9206 Version: MDM9607 Version: MDM9650 Version: SD 210/SD 212/SD 205 Version: SD 425 Version: SD 430 Version: SD 450 Version: SD 625 Version: SD 650/52 Version: SD 820 Version: SD 820A Version: SD 835 Version: SD 845 Version: SD 850 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm Technologies, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "SD 210/SD 212/SD 205"
},
{
"status": "affected",
"version": "SD 425"
},
{
"status": "affected",
"version": "SD 430"
},
{
"status": "affected",
"version": "SD 450"
},
{
"status": "affected",
"version": "SD 625"
},
{
"status": "affected",
"version": "SD 650/52"
},
{
"status": "affected",
"version": "SD 820"
},
{
"status": "affected",
"version": "SD 820A"
},
{
"status": "affected",
"version": "SD 835"
},
{
"status": "affected",
"version": "SD 845"
},
{
"status": "affected",
"version": "SD 850"
}
]
}
],
"datePublic": "2019-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE680: Integer Overflow to Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T22:54:13",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206"
},
{
"version_value": "MDM9607"
},
{
"version_value": "MDM9650"
},
{
"version_value": "SD 210/SD 212/SD 205"
},
{
"version_value": "SD 425"
},
{
"version_value": "SD 430"
},
{
"version_value": "SD 450"
},
{
"version_value": "SD 625"
},
{
"version_value": "SD 650/52"
},
{
"version_value": "SD 820"
},
{
"version_value": "SD 820A"
},
{
"version_value": "SD 835"
},
{
"version_value": "SD 845"
},
{
"version_value": "SD 850"
}
]
}
}
]
},
"vendor_name": "Qualcomm Technologies, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE680: Integer Overflow to Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "MISC",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-18278",
"datePublished": "2019-05-06T22:54:13",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18156
Vulnerability from cvelistv5
Published
2019-05-06 22:28
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm Technologies, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Version: MDM9206 Version: MDM9607 Version: MDM9650 Version: MSM8996AU Version: SD 210/SD 212/SD 205 Version: SD 625 Version: SD 820 Version: SD 820A Version: SD 835 Version: SDX20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:48.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm Technologies, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206"
},
{
"status": "affected",
"version": "MDM9607"
},
{
"status": "affected",
"version": "MDM9650"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "SD 210/SD 212/SD 205"
},
{
"status": "affected",
"version": "SD 625"
},
{
"status": "affected",
"version": "SD 820"
},
{
"status": "affected",
"version": "SD 820A"
},
{
"status": "affected",
"version": "SD 835"
},
{
"status": "affected",
"version": "SDX20"
}
]
}
],
"datePublic": "2019-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE416: Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T22:28:03",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206"
},
{
"version_value": "MDM9607"
},
{
"version_value": "MDM9650"
},
{
"version_value": "MSM8996AU"
},
{
"version_value": "SD 210/SD 212/SD 205"
},
{
"version_value": "SD 625"
},
{
"version_value": "SD 820"
},
{
"version_value": "SD 820A"
},
{
"version_value": "SD 835"
},
{
"version_value": "SDX20"
}
]
}
}
]
},
"vendor_name": "Qualcomm Technologies, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE416: Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "MISC",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-18156",
"datePublished": "2019-05-06T22:28:03",
"dateReserved": "2018-02-05T00:00:00",
"dateUpdated": "2024-08-05T21:13:48.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}