CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2017-18299
https://notcve.org/view.php?id=CVE-2017-18299
Improper translation table consolidation logic leads to resource exhaustion and QSEE error in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 La lógica de consolidación de tablas de traducción conduce al agotamiento de recursos y un error QSEE en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850 y SDA660. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 50EXPL: 0CVE-2017-18171
https://notcve.org/view.php?id=CVE-2017-18171
Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. Validación de entradas incorrecta para los paquetes de datos GATT en la función Bluetooth Controller puede conducir a una posible corrupción de memoria en Snapdragon Mobile en versiones QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710 y Snapdragon_High_Med_2016. • https://source.android.com/security/bulletin/2018-07-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 50EXPL: 0CVE-2017-18170
https://notcve.org/view.php?id=CVE-2017-18170
Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. Validación de entradas incorrecta en la función Bluetooth Controller puede conducir a una posible corrupción de memoria en Snapdragon Mobile en versiones QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710 y Snapdragon_High_Med_2016. • https://source.android.com/security/bulletin/2018-07-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 0CVE-2017-18303
https://notcve.org/view.php?id=CVE-2017-18303
While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660, SDX20. Al procesar el archivo de configuración de registro del sensor, si las entradas no se validan, ocurrirá un desbordamiento de búfer en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660 y SDX20. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2017-18294
https://notcve.org/view.php?id=CVE-2017-18294
While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Al leer el tipo de clase de archivo de la cabecera ELF, podría ocurrir un desbordamiento de búfer si el tamaño del archivo ELF es menor al tamaño de la cabecera ELF64 en Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660 y SDX20. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-125: Out-of-bounds Read •