Qualcomm Inc Snapdragon Mobile vulnerabilities

CVE-2016-10489 [CRITICAL] CWE-476 CVE-2016-10489: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, l In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.

CVE-2014-10050 [CRITICAL] CWE-284 CVE-2014-10050: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block.

CVE-2016-10440 [CRITICAL] CWE-284 CVE-2016-10440: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, S In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, and SD 650/52, there is improper access control to a bus.

CVE-2016-10475 [CRITICAL] CWE-190 CVE-2016-10475: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, lack input validation may lead to a integer overflow that could potentially lead to a buffer overflow.

CVE-2014-9985 [CRITICAL] CWE-388 CVE-2014-9985: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 400, and SD 800, TOCTOU condition may result in bypassing error condition checks, leading to undefined behavior.

CVE-2015-9174 [CRITICAL] CWE-119 CVE-2015-9174: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of validation of the return value prior to using for buffer allocation in QSEE application, TQS, may result in memory overwrite.

CVE-2016-10442 [CRITICAL] CWE-284 CVE-2016-10442: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.

CVE-2014-10056 [CRITICAL] CWE-119 CVE-2014-10056: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, A buffer overflow can potentially occur in any OpenCL application that calls clBuildProgram() with a device of type CL_DEVICE_TYPE_CPU in its device_list argument.

CVE-2015-9124 [CRITICAL] CWE-476 CVE-2015-9124: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents.

CVE-2016-10477 [CRITICAL] CWE-119 CVE-2016-10477: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, while processing smart card requests, a buffer overflow can occur.

CVE-2015-9151 [CRITICAL] CWE-20 CVE-2015-9151: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated.

CVE-2014-9994 [CRITICAL] CWE-119 CVE-2014-9994: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 an In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.

CVE-2015-9142 [CRITICAL] CWE-118 CVE-2015-9142: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, bounds check is missing for vtable inde

CVE-2016-10407 [CRITICAL] CWE-190 CVE-2016-10407: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, an integer overflow leading to buffer overflow can occur during a VT call.

CVE-2016-10478 [CRITICAL] CWE-190 CVE-2016-10478: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617, i In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617, incorrect size calculation in QCRIL SCWS processing have Integer overflow which will lead to a buffer overflow.

CVE-2014-10046 [CRITICAL] CWE-416 CVE-2014-10046: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer.

CVE-2016-10495 [CRITICAL] CWE-118 CVE-2016-10495: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range.

CVE-2014-10039 [CRITICAL] CWE-19 CVE-2014-10039: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location.

CVE-2015-9133 [CRITICAL] CWE-190 CVE-2015-9133: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, S In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur.

CVE-2014-10057 [CRITICAL] CWE-264 CVE-2014-10057: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 435, SD 617, SD 625, and Snapdragon_High_Med_2016, binary Calibration files under data/misc/audio have 777 permissions.