Vulnerabilites related to qualcomm - sd_16_firmware
cve-2018-11935
Vulnerability from cvelistv5
Published
2019-02-25 23:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.
References
▼ | URL | Tags |
---|---|---|
https://www.qualcomm.com/company/product-security/bulletins | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/106845 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
Version: MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:24:03.391Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106845", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", vendor: "Qualcomm, Inc.", versions: [ { status: "affected", version: "MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130", }, ], }, ], datePublic: "2019-02-04T00:00:00", descriptions: [ { lang: "en", value: "Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.", }, ], problemTypes: [ { descriptions: [ { description: "Improper Input Validation in QTEE", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-26T10:57:01", orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", shortName: "qualcomm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106845", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@qualcomm.com", ID: "CVE-2018-11935", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", version: { version_data: [ { version_value: "MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130", }, ], }, }, ], }, vendor_name: "Qualcomm, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Input Validation in QTEE", }, ], }, ], }, references: { reference_data: [ { name: "https://www.qualcomm.com/company/product-security/bulletins", refsource: "CONFIRM", url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", refsource: "BID", url: "http://www.securityfocus.com/bid/106845", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", assignerShortName: "qualcomm", cveId: "CVE-2018-11935", datePublished: "2019-02-25T23:00:00", dateReserved: "2018-06-07T00:00:00", dateUpdated: "2024-08-05T08:24:03.391Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-11938
Vulnerability from cvelistv5
Published
2019-02-25 23:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.
References
▼ | URL | Tags |
---|---|---|
https://www.qualcomm.com/company/product-security/bulletins | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/106845 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
Version: IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:24:03.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106845", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", vendor: "Qualcomm, Inc.", versions: [ { status: "affected", version: "IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130", }, ], }, ], datePublic: "2019-02-04T00:00:00", descriptions: [ { lang: "en", value: "Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.", }, ], problemTypes: [ { descriptions: [ { description: "Buffer Copy Without Checking Size of Input in Trusted Application Environment", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-26T10:57:01", orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", shortName: "qualcomm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106845", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@qualcomm.com", ID: "CVE-2018-11938", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", version: { version_data: [ { version_value: "IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130", }, ], }, }, ], }, vendor_name: "Qualcomm, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Buffer Copy Without Checking Size of Input in Trusted Application Environment", }, ], }, ], }, references: { reference_data: [ { name: "https://www.qualcomm.com/company/product-security/bulletins", refsource: "CONFIRM", url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", refsource: "BID", url: "http://www.securityfocus.com/bid/106845", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", assignerShortName: "qualcomm", cveId: "CVE-2018-11938", datePublished: "2019-02-25T23:00:00", dateReserved: "2018-06-07T00:00:00", dateUpdated: "2024-08-05T08:24:03.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-11932
Vulnerability from cvelistv5
Published
2019-02-25 23:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.
References
▼ | URL | Tags |
---|---|---|
https://www.qualcomm.com/company/product-security/bulletins | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/106845 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
Version: MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:24:02.942Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106845", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", vendor: "Qualcomm, Inc.", versions: [ { status: "affected", version: "MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130", }, ], }, ], datePublic: "2019-02-04T00:00:00", descriptions: [ { lang: "en", value: "Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.", }, ], problemTypes: [ { descriptions: [ { description: "Improper Input Validation in Core", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-26T10:57:01", orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", shortName: "qualcomm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106845", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@qualcomm.com", ID: "CVE-2018-11932", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", version: { version_data: [ { version_value: "MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130", }, ], }, }, ], }, vendor_name: "Qualcomm, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Input Validation in Core", }, ], }, ], }, references: { reference_data: [ { name: "https://www.qualcomm.com/company/product-security/bulletins", refsource: "CONFIRM", url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", refsource: "BID", url: "http://www.securityfocus.com/bid/106845", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", assignerShortName: "qualcomm", cveId: "CVE-2018-11932", datePublished: "2019-02-25T23:00:00", dateReserved: "2018-06-07T00:00:00", dateUpdated: "2024-08-05T08:24:02.942Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-11945
Vulnerability from cvelistv5
Published
2019-02-25 23:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130.
References
▼ | URL | Tags |
---|---|---|
https://www.qualcomm.com/company/product-security/bulletins | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/106845 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Version: MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:24:03.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106845", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables", vendor: "Qualcomm, Inc.", versions: [ { status: "affected", version: "MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130", }, ], }, ], datePublic: "2019-02-04T00:00:00", descriptions: [ { lang: "en", value: "Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130.", }, ], problemTypes: [ { descriptions: [ { description: "Buffer Copy Without Checking Size of Input in MMCP", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-26T10:57:01", orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", shortName: "qualcomm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106845", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@qualcomm.com", ID: "CVE-2018-11945", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables", version: { version_data: [ { version_value: "MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130", }, ], }, }, ], }, vendor_name: "Qualcomm, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Buffer Copy Without Checking Size of Input in MMCP", }, ], }, ], }, references: { reference_data: [ { name: "https://www.qualcomm.com/company/product-security/bulletins", refsource: "CONFIRM", url: "https://www.qualcomm.com/company/product-security/bulletins", }, { name: "106845", refsource: "BID", url: "http://www.securityfocus.com/bid/106845", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", assignerShortName: "qualcomm", cveId: "CVE-2018-11945", datePublished: "2019-02-25T23:00:00", dateReserved: "2018-06-07T00:00:00", dateUpdated: "2024-08-05T08:24:03.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-02-25 22:29
Modified
2024-11-21 03:44
Severity ?
Summary
Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.
References
▼ | URL | Tags | |
---|---|---|---|
product-security@qualcomm.com | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
product-security@qualcomm.com | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "35B7E25E-FA92-4C36-883C-CFF36F4B3507", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", matchCriteriaId: "ECD99C6F-2444-4A5E-A517-0C8023DDF23D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7AFDBF8-D08A-4C98-B4A4-A4C7049DD05F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*", matchCriteriaId: "520B217E-C02B-493D-8C11-E155E50357B0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8CA1E7B0-782B-4757-B118-802943798984", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", matchCriteriaId: "95CB08EC-AE12-4A54-AA3C-998F01FC8763", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B05FD66D-13A6-40E9-A64B-E428378F237E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F683C42D-A310-4369-9689-3DBC9288591E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*", matchCriteriaId: "0EADE10A-0F63-4149-8F03-030673D6D7CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F192E5FB-2BDB-453C-8AF6-C02FC2E5931E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_12:-:*:*:*:*:*:*:*", matchCriteriaId: "33DE82BE-46A7-4183-95E1-0C788A842825", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "549E6F7E-A54F-423F-BD4A-A8FB97DBD39E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*", matchCriteriaId: "992C3835-7183-4D96-8647-DD9916880323", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_16_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE69163E-A136-4B84-9E8E-63BDBF059AE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_16:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD4DD85-C369-42C7-B399-D287551154CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ECF81213-DE2D-4C4B-99E8-71AFD87E92CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*", matchCriteriaId: "95E826EF-343B-47FA-AB54-F13E868CE6A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3F900C8F-9763-441A-B97E-E5394A68A08A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", matchCriteriaId: "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6BFF8872-645F-4A05-BAF9-7797CFBE37C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB91AFF-C149-4F5C-92EC-E78E66935528", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2B529780-DB0A-4F9C-AE63-6DEC593B86E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*", matchCriteriaId: "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D49606C5-7306-4F33-864C-C1905594F09C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*", matchCriteriaId: "B43964AF-7CEC-420A-935B-D3895B2BAC70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E077FC03-F86F-417A-A3E6-BC88CB85C6F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*", matchCriteriaId: "E016356C-94ED-4CDD-8351-97D265FE036E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E08016A2-E4FE-4E9C-A915-C66BE157AFB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*", matchCriteriaId: "018452D0-007C-4740-B2AF-E5C8BBAC310F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*", matchCriteriaId: "F930E9BF-C502-49C6-8BE8-9A711B89FA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*", matchCriteriaId: "DE18BF66-B0DB-48BB-B43A-56F01821F5A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C10C7CB-3B66-4F17-8146-6A85611E2BA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*", matchCriteriaId: "B9DA765F-53DE-4FB0-B825-6C11B3177641", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A71D1A7C-537F-458B-BA56-A11F95E36EA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", matchCriteriaId: "716DEC4D-D854-44CD-8A14-AA5AFD96809E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "096F7BA5-FF58-416B-93EF-733B16326C86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*", matchCriteriaId: "7AF958FB-1611-4102-A2DB-8D4311AE0D72", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.", }, { lang: "es", value: "La validación de entradas incorrecta puede conducir al acceso RW al subsistema seguro del HLOS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT y Snapdragon Mobile en versiones MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX y SXR1130.", }, ], id: "CVE-2018-11932", lastModified: "2024-11-21T03:44:16.703", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T22:29:02.540", references: [ { source: "product-security@qualcomm.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "product-security@qualcomm.com", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-25 22:29
Modified
2024-11-21 03:44
Severity ?
Summary
Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.
References
▼ | URL | Tags | |
---|---|---|---|
product-security@qualcomm.com | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
product-security@qualcomm.com | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2914BF98-E69C-4C8D-8B10-759642ADD7B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", matchCriteriaId: "2118C404-402F-463C-8160-3CC3B703DF30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4E2F2D26-2833-45A4-81F0-8E9F338C1E13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*", matchCriteriaId: "4EB171B1-D163-4801-A241-8DD7193A5DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A960B86A-C397-4ACB-AEE6-55F316D32949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*", matchCriteriaId: "D79B8959-3D1E-4B48-9181-D75FE90AAF98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*", matchCriteriaId: "E9765187-8653-4D66-B230-B2CE862AC5C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "35B7E25E-FA92-4C36-883C-CFF36F4B3507", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", matchCriteriaId: "ECD99C6F-2444-4A5E-A517-0C8023DDF23D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE28A59C-7AA6-4B85-84E8-07852B96108E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*", matchCriteriaId: "5DEE828B-09A7-4AC1-8134-491A7C87C118", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8CA1E7B0-782B-4757-B118-802943798984", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", matchCriteriaId: "95CB08EC-AE12-4A54-AA3C-998F01FC8763", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1D1C53DC-D2F3-4C92-9725-9A85340AF026", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", matchCriteriaId: "ED0585FF-E390-46E8-8701-70964A4057BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B05FD66D-13A6-40E9-A64B-E428378F237E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA80D57-3191-47CF-AD3F-9F2D64E443FE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*", matchCriteriaId: "B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E0986EF1-0974-488E-84C4-6880F876CE55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*", matchCriteriaId: "8C08BA58-2EBC-4A22-85A4-2ECD54693B9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "27110478-4C08-49E6-BD53-8BAAD9D5BD65", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*", matchCriteriaId: "3664D302-D22A-4B25-B534-3097AE2F8573", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F683C42D-A310-4369-9689-3DBC9288591E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*", matchCriteriaId: "0EADE10A-0F63-4149-8F03-030673D6D7CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F192E5FB-2BDB-453C-8AF6-C02FC2E5931E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_12:-:*:*:*:*:*:*:*", matchCriteriaId: "33DE82BE-46A7-4183-95E1-0C788A842825", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C56BC939-2FE8-4AB4-B638-35C83B224005", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*", matchCriteriaId: "E36C12E2-7064-41E6-B357-3F0E6E6D0A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8175FC2D-8B9C-4461-BEAE-E9C688E8A63B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*", matchCriteriaId: "92CD09CE-75CC-418F-AB16-4685141BDE36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BE5C66CC-B00C-4581-B8FB-0632232E480D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*", matchCriteriaId: "87F57247-08CD-473E-A517-F9E85BFC7BEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "55604764-FC96-451C-BB9B-9AD72EF5D245", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*", matchCriteriaId: "71CEDACD-D22B-4CCD-93DA-B79CB74BDA22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DE3EA03-0373-4FEF-B1FC-123A8073520B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*", matchCriteriaId: "A64D3E69-0784-4DEA-96C1-2D41EAFA1906", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B11CE0F1-29BD-46E1-ACFE-D076192F138E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*", matchCriteriaId: "D205DB4E-68C2-4B13-8373-128870DF83D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E07C621F-0BC0-40C1-9678-1AF6498AC487", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*", matchCriteriaId: "9C621A62-E346-406B-9D20-8FF6C2B0851F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "549E6F7E-A54F-423F-BD4A-A8FB97DBD39E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*", matchCriteriaId: "992C3835-7183-4D96-8647-DD9916880323", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_16_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE69163E-A136-4B84-9E8E-63BDBF059AE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_16:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD4DD85-C369-42C7-B399-D287551154CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ECF81213-DE2D-4C4B-99E8-71AFD87E92CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*", matchCriteriaId: "95E826EF-343B-47FA-AB54-F13E868CE6A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "06E0CC35-AC20-42D7-8FEA-CA4685E33E72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*", matchCriteriaId: "4A2C4DED-2367-4736-A0AF-C8356F1271AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F2126866-3B02-42B4-A57A-4EFF30848B55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*", matchCriteriaId: "F832FE19-8D65-4779-B6F5-BD90BD131FD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CE94E380-CB75-462E-B411-BF38F17D53B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*", matchCriteriaId: "0947F38F-3DC2-45F1-B3B3-963922F32054", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BC1650DB-FDF8-4BE5-9437-8ADA11A07116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*", matchCriteriaId: "B51DD51F-4BDE-497B-89E5-551D10CF3442", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_52_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B952AF30-D49F-4D26-957E-84134EF51954", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_52:-:*:*:*:*:*:*:*", matchCriteriaId: "D8BDD86B-9FF7-4376-9293-BA8D1DB85654", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3F900C8F-9763-441A-B97E-E5394A68A08A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", matchCriteriaId: "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6BFF8872-645F-4A05-BAF9-7797CFBE37C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB91AFF-C149-4F5C-92EC-E78E66935528", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2B529780-DB0A-4F9C-AE63-6DEC593B86E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*", matchCriteriaId: "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D49606C5-7306-4F33-864C-C1905594F09C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*", matchCriteriaId: "B43964AF-7CEC-420A-935B-D3895B2BAC70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E077FC03-F86F-417A-A3E6-BC88CB85C6F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*", matchCriteriaId: "E016356C-94ED-4CDD-8351-97D265FE036E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E08016A2-E4FE-4E9C-A915-C66BE157AFB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*", matchCriteriaId: "018452D0-007C-4740-B2AF-E5C8BBAC310F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*", matchCriteriaId: "F930E9BF-C502-49C6-8BE8-9A711B89FA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*", matchCriteriaId: "DE18BF66-B0DB-48BB-B43A-56F01821F5A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C10C7CB-3B66-4F17-8146-6A85611E2BA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*", matchCriteriaId: "B9DA765F-53DE-4FB0-B825-6C11B3177641", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A71D1A7C-537F-458B-BA56-A11F95E36EA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", matchCriteriaId: "716DEC4D-D854-44CD-8A14-AA5AFD96809E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A2326BD7-28A5-4244-8501-B109913E7AE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*", matchCriteriaId: "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "84289E6D-DA2A-4D04-9DDA-E8C46DDDD056", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*", matchCriteriaId: "C0B56360-7AC3-410A-B7F8-1BE8514B3781", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8EA0D645-80F6-48C3-AF0D-99198ADC8778", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*", matchCriteriaId: "814FF3F3-CD5A-45A3-988C-6457D2CEB48C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24D7B67C-6FEC-48F8-9D46-778E4528BC20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*", matchCriteriaId: "05006807-D961-446C-B8DC-C87507F1316E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "706B5BF5-3803-4D3C-8A3B-34D30D8B36F9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "C69745BA-DE6A-4646-959D-C45166559952", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "096F7BA5-FF58-416B-93EF-733B16326C86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*", matchCriteriaId: "7AF958FB-1611-4102-A2DB-8D4311AE0D72", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.", }, { lang: "es", value: "La validación de entradas incorrecta para los argumentos recibidos desde el HLOS puede conducir a desbordamientos de búfer y a un comportamiento inesperado en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice Music, Snapdragon Wearables y Snapdragon Wired Infrastructure and Networking en versiones IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016 y SXR1130.", }, ], id: "CVE-2018-11938", lastModified: "2024-11-21T03:44:17.427", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T22:29:02.617", references: [ { source: "product-security@qualcomm.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "product-security@qualcomm.com", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-25 22:29
Modified
2024-11-21 03:44
Severity ?
Summary
Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130.
References
▼ | URL | Tags | |
---|---|---|---|
product-security@qualcomm.com | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
product-security@qualcomm.com | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4E2F2D26-2833-45A4-81F0-8E9F338C1E13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*", matchCriteriaId: "4EB171B1-D163-4801-A241-8DD7193A5DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A960B86A-C397-4ACB-AEE6-55F316D32949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*", matchCriteriaId: "D79B8959-3D1E-4B48-9181-D75FE90AAF98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*", matchCriteriaId: "E9765187-8653-4D66-B230-B2CE862AC5C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "71E28EA6-0683-4755-8ABB-7F37DA810E4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*", matchCriteriaId: "D4DF4D4E-CDAA-42BB-802E-2722E7F3DBC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "93AE9CA0-59C4-4C7E-8D5E-E0226117C45A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9625:-:*:*:*:*:*:*:*", matchCriteriaId: "467A5C4D-9909-44B5-9D1B-B746902FF094", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF77DD1-BE11-4132-9889-646196FAE567", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*", matchCriteriaId: "CB323C15-2018-4CB8-858E-56F088B03FBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*", matchCriteriaId: "716B747E-672C-4B95-9D8E-1262338E67EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "35B7E25E-FA92-4C36-883C-CFF36F4B3507", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", matchCriteriaId: "ECD99C6F-2444-4A5E-A517-0C8023DDF23D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7AFDBF8-D08A-4C98-B4A4-A4C7049DD05F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*", matchCriteriaId: "520B217E-C02B-493D-8C11-E155E50357B0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE28A59C-7AA6-4B85-84E8-07852B96108E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*", matchCriteriaId: "5DEE828B-09A7-4AC1-8134-491A7C87C118", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8CA1E7B0-782B-4757-B118-802943798984", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", matchCriteriaId: "95CB08EC-AE12-4A54-AA3C-998F01FC8763", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B05FD66D-13A6-40E9-A64B-E428378F237E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA80D57-3191-47CF-AD3F-9F2D64E443FE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*", matchCriteriaId: "B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E0986EF1-0974-488E-84C4-6880F876CE55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*", matchCriteriaId: "8C08BA58-2EBC-4A22-85A4-2ECD54693B9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "27110478-4C08-49E6-BD53-8BAAD9D5BD65", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*", matchCriteriaId: "3664D302-D22A-4B25-B534-3097AE2F8573", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F683C42D-A310-4369-9689-3DBC9288591E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*", matchCriteriaId: "0EADE10A-0F63-4149-8F03-030673D6D7CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F192E5FB-2BDB-453C-8AF6-C02FC2E5931E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_12:-:*:*:*:*:*:*:*", matchCriteriaId: "33DE82BE-46A7-4183-95E1-0C788A842825", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C56BC939-2FE8-4AB4-B638-35C83B224005", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*", matchCriteriaId: "E36C12E2-7064-41E6-B357-3F0E6E6D0A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8175FC2D-8B9C-4461-BEAE-E9C688E8A63B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*", matchCriteriaId: "92CD09CE-75CC-418F-AB16-4685141BDE36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BE5C66CC-B00C-4581-B8FB-0632232E480D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*", matchCriteriaId: "87F57247-08CD-473E-A517-F9E85BFC7BEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "55604764-FC96-451C-BB9B-9AD72EF5D245", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*", matchCriteriaId: "71CEDACD-D22B-4CCD-93DA-B79CB74BDA22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DE3EA03-0373-4FEF-B1FC-123A8073520B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*", matchCriteriaId: "A64D3E69-0784-4DEA-96C1-2D41EAFA1906", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B11CE0F1-29BD-46E1-ACFE-D076192F138E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*", matchCriteriaId: "D205DB4E-68C2-4B13-8373-128870DF83D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E07C621F-0BC0-40C1-9678-1AF6498AC487", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*", matchCriteriaId: "9C621A62-E346-406B-9D20-8FF6C2B0851F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "549E6F7E-A54F-423F-BD4A-A8FB97DBD39E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*", matchCriteriaId: "992C3835-7183-4D96-8647-DD9916880323", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_16_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE69163E-A136-4B84-9E8E-63BDBF059AE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_16:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD4DD85-C369-42C7-B399-D287551154CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ECF81213-DE2D-4C4B-99E8-71AFD87E92CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*", matchCriteriaId: "95E826EF-343B-47FA-AB54-F13E868CE6A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "06E0CC35-AC20-42D7-8FEA-CA4685E33E72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*", matchCriteriaId: "4A2C4DED-2367-4736-A0AF-C8356F1271AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F2126866-3B02-42B4-A57A-4EFF30848B55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*", matchCriteriaId: "F832FE19-8D65-4779-B6F5-BD90BD131FD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CE94E380-CB75-462E-B411-BF38F17D53B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*", matchCriteriaId: "0947F38F-3DC2-45F1-B3B3-963922F32054", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BC1650DB-FDF8-4BE5-9437-8ADA11A07116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*", matchCriteriaId: "B51DD51F-4BDE-497B-89E5-551D10CF3442", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_52_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B952AF30-D49F-4D26-957E-84134EF51954", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_52:-:*:*:*:*:*:*:*", matchCriteriaId: "D8BDD86B-9FF7-4376-9293-BA8D1DB85654", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3F900C8F-9763-441A-B97E-E5394A68A08A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", matchCriteriaId: "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6BFF8872-645F-4A05-BAF9-7797CFBE37C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB91AFF-C149-4F5C-92EC-E78E66935528", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2B529780-DB0A-4F9C-AE63-6DEC593B86E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*", matchCriteriaId: "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D49606C5-7306-4F33-864C-C1905594F09C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*", matchCriteriaId: "B43964AF-7CEC-420A-935B-D3895B2BAC70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E077FC03-F86F-417A-A3E6-BC88CB85C6F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*", matchCriteriaId: "E016356C-94ED-4CDD-8351-97D265FE036E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E08016A2-E4FE-4E9C-A915-C66BE157AFB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*", matchCriteriaId: "018452D0-007C-4740-B2AF-E5C8BBAC310F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*", matchCriteriaId: "F930E9BF-C502-49C6-8BE8-9A711B89FA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*", matchCriteriaId: "DE18BF66-B0DB-48BB-B43A-56F01821F5A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C10C7CB-3B66-4F17-8146-6A85611E2BA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*", matchCriteriaId: "B9DA765F-53DE-4FB0-B825-6C11B3177641", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "91400943-3D25-4E44-9FFD-9E3076305D80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_855:-:*:*:*:*:*:*:*", matchCriteriaId: "57B16867-710D-4748-8636-635E2C6F7389", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A71D1A7C-537F-458B-BA56-A11F95E36EA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", matchCriteriaId: "716DEC4D-D854-44CD-8A14-AA5AFD96809E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A2326BD7-28A5-4244-8501-B109913E7AE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*", matchCriteriaId: "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "84289E6D-DA2A-4D04-9DDA-E8C46DDDD056", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*", matchCriteriaId: "C0B56360-7AC3-410A-B7F8-1BE8514B3781", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8EA0D645-80F6-48C3-AF0D-99198ADC8778", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*", matchCriteriaId: "814FF3F3-CD5A-45A3-988C-6457D2CEB48C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24D7B67C-6FEC-48F8-9D46-778E4528BC20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*", matchCriteriaId: "05006807-D961-446C-B8DC-C87507F1316E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CE1B23-6FE3-41C4-B264-C7A9E8BDBEC1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*", matchCriteriaId: "794BA13C-3C63-4695-AA45-676F85D904BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "706B5BF5-3803-4D3C-8A3B-34D30D8B36F9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "C69745BA-DE6A-4646-959D-C45166559952", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "096F7BA5-FF58-416B-93EF-733B16326C86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*", matchCriteriaId: "7AF958FB-1611-4102-A2DB-8D4311AE0D72", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130.", }, { lang: "es", value: "La validación de entradas incorrecta en el módulo de mensajería del servicio inalámbrico para los datos recibidos desde los mensajes de retransmisión puede conducir a un desbordamiento de memoria dinámica (heap) en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice Music y Snapdragon Wearables en versiones MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 y SXR1130", }, ], id: "CVE-2018-11945", lastModified: "2024-11-21T03:44:18.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T22:29:02.650", references: [ { source: "product-security@qualcomm.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "product-security@qualcomm.com", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-25 22:29
Modified
2024-11-21 03:44
Severity ?
Summary
Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.
References
▼ | URL | Tags | |
---|---|---|---|
product-security@qualcomm.com | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
product-security@qualcomm.com | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106845 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*", matchCriteriaId: "E9765187-8653-4D66-B230-B2CE862AC5C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "35B7E25E-FA92-4C36-883C-CFF36F4B3507", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", matchCriteriaId: "ECD99C6F-2444-4A5E-A517-0C8023DDF23D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7AFDBF8-D08A-4C98-B4A4-A4C7049DD05F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*", matchCriteriaId: "520B217E-C02B-493D-8C11-E155E50357B0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8CA1E7B0-782B-4757-B118-802943798984", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", matchCriteriaId: "95CB08EC-AE12-4A54-AA3C-998F01FC8763", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B05FD66D-13A6-40E9-A64B-E428378F237E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA80D57-3191-47CF-AD3F-9F2D64E443FE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*", matchCriteriaId: "B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E0986EF1-0974-488E-84C4-6880F876CE55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*", matchCriteriaId: "8C08BA58-2EBC-4A22-85A4-2ECD54693B9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "27110478-4C08-49E6-BD53-8BAAD9D5BD65", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*", matchCriteriaId: "3664D302-D22A-4B25-B534-3097AE2F8573", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F683C42D-A310-4369-9689-3DBC9288591E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*", matchCriteriaId: "0EADE10A-0F63-4149-8F03-030673D6D7CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F192E5FB-2BDB-453C-8AF6-C02FC2E5931E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_12:-:*:*:*:*:*:*:*", matchCriteriaId: "33DE82BE-46A7-4183-95E1-0C788A842825", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "549E6F7E-A54F-423F-BD4A-A8FB97DBD39E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*", matchCriteriaId: "992C3835-7183-4D96-8647-DD9916880323", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_16_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE69163E-A136-4B84-9E8E-63BDBF059AE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_16:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD4DD85-C369-42C7-B399-D287551154CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ECF81213-DE2D-4C4B-99E8-71AFD87E92CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*", matchCriteriaId: "95E826EF-343B-47FA-AB54-F13E868CE6A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CE94E380-CB75-462E-B411-BF38F17D53B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*", matchCriteriaId: "0947F38F-3DC2-45F1-B3B3-963922F32054", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3F900C8F-9763-441A-B97E-E5394A68A08A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", matchCriteriaId: "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6BFF8872-645F-4A05-BAF9-7797CFBE37C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB91AFF-C149-4F5C-92EC-E78E66935528", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2B529780-DB0A-4F9C-AE63-6DEC593B86E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*", matchCriteriaId: "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D49606C5-7306-4F33-864C-C1905594F09C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*", matchCriteriaId: "B43964AF-7CEC-420A-935B-D3895B2BAC70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E077FC03-F86F-417A-A3E6-BC88CB85C6F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*", matchCriteriaId: "E016356C-94ED-4CDD-8351-97D265FE036E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E08016A2-E4FE-4E9C-A915-C66BE157AFB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*", matchCriteriaId: "018452D0-007C-4740-B2AF-E5C8BBAC310F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*", matchCriteriaId: "F930E9BF-C502-49C6-8BE8-9A711B89FA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*", matchCriteriaId: "DE18BF66-B0DB-48BB-B43A-56F01821F5A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C10C7CB-3B66-4F17-8146-6A85611E2BA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*", matchCriteriaId: "B9DA765F-53DE-4FB0-B825-6C11B3177641", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A71D1A7C-537F-458B-BA56-A11F95E36EA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", matchCriteriaId: "716DEC4D-D854-44CD-8A14-AA5AFD96809E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A2326BD7-28A5-4244-8501-B109913E7AE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*", matchCriteriaId: "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8EA0D645-80F6-48C3-AF0D-99198ADC8778", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*", matchCriteriaId: "814FF3F3-CD5A-45A3-988C-6457D2CEB48C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24D7B67C-6FEC-48F8-9D46-778E4528BC20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*", matchCriteriaId: "05006807-D961-446C-B8DC-C87507F1316E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "096F7BA5-FF58-416B-93EF-733B16326C86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*", matchCriteriaId: "7AF958FB-1611-4102-A2DB-8D4311AE0D72", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.", }, { lang: "es", value: "La validación de entradas incorrecta puede resultar en que se devuelve un ID de aplicación incorrecto al llamante en lugar de devolver un error en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT y Snapdragon Mobile en versiones MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660 y SXR1130.", }, ], id: "CVE-2018-11935", lastModified: "2024-11-21T03:44:16.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T22:29:02.587", references: [ { source: "product-security@qualcomm.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "product-security@qualcomm.com", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }