CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18310
https://notcve.org/view.php?id=CVE-2017-18310
ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016 ClientEnv expone los servicios 0-32 al HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660 y Snapdragon_High_Med_2016. • http://www.securitytracker.com/id/1041432 https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 86EXPL: 0CVE-2018-11849
https://notcve.org/view.php?id=CVE-2018-11849
Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016 La falta de comprobación fuera de límites del parámetro bssid al procesar el comando scan start conducirá al flujo del búfer en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/107681 https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2018-11821
https://notcve.org/view.php?id=CVE-2018-11821
Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 Podría ocurrir un desbordamiento de enteros en WLAN durante la asignación de memoria en Snapdragon Mobile y Snapdragon Wear en versiones IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/107681 https://www.qualcomm.com/company/product-security/bulletins • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2018-11269
https://notcve.org/view.php?id=CVE-2018-11269
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20 y Snapdragon_High_Med_2016, existe un potencial desbordamiento de búfer al analizar opciones TFTP. • http://www.securityfocus.com/bid/105838 https://www.qualcomm.com/company/product-security/bulletins • CWE-129: Improper Validation of Array Index •
CVSS: 7.5EPSS: 0%CPEs: 56EXPL: 0CVE-2018-5837
https://notcve.org/view.php?id=CVE-2018-5837
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG which produced repeating output much earlier than expected. En Snapdragon (Automobile, Mobile y Wear) en versiones IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710 y Snapdragon_High_Med_2016, la aleatorización de direcciones MAC realizada durante las peticiones probe no se realizó correctamente debido al uso de un RGN con errores, lo cual producía salidas repetidas antes de lo esperado. • https://source.android.com/security/bulletin/2018-07-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •