|
2018-11-28
|
CVE-2018-5916
|
Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9615_firmware, Mdm9625_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sda660_firmware, Sda845_firmware, Sdx20_firmware, Sxr1130_firmware
|
6.5
|
|
|
|
2018-07-06
|
CVE-2018-5894
|
Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sdx20_firmware
|
6.5
|
|
|
|
2018-07-06
|
CVE-2018-5892
|
The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Sd_845_firmware, Sdm630_firmware, Sdm636_firmware, Sdm660_firmware, Sdm710_firmware, Snapdragon_high_med_2016_firmware
|
7.5
|
|
|
|
2018-07-06
|
CVE-2018-5891
|
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear.
|
Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_835_firmware, Sd_845_firmware
|
8.4
|
|
|
|
2018-07-06
|
CVE-2018-5885
|
While loading dynamic fonts, a buffer overflow may occur if the number of segments in the font file is out of range in Snapdragon Mobile and Snapdragon Wear.
|
Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_820_firmware, Sd_845_firmware
|
9.8
|
|
|
|
2018-07-06
|
CVE-2018-5884
|
Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_835_firmware
|
8.4
|
|
|
|
2018-07-06
|
CVE-2018-5882
|
While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sdx20_firmware
|
9.8
|
|
|
|
2018-07-06
|
CVE-2018-5878
|
While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_835_firmware
|
9.8
|
|
|
|
2018-07-06
|
CVE-2018-5876
|
While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sdx20_firmware
|
8.8
|
|
|
|
2018-07-06
|
CVE-2018-5875
|
While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
|
Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sdx20_firmware
|
8.8
|
|
|