Qualcomm Inc Snapdragon Mobile vulnerabilities

CVE-2017-8275 [CRITICAL] CWE-190 CVE-2017-8275: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205 In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library.

CVE-2017-18134 [CRITICAL] CWE-119 CVE-2017-18134: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a bu In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card.

CVE-2017-18135 [CRITICAL] CWE-119 CVE-2017-18135: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur.

CVE-2017-18137 [CRITICAL] CWE-119 CVE-2017-18137: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MD In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 835, while processing the IPv6 pdp address of the pdp context, a buffer overflow can occur.

CVE-2017-18143 [HIGH] CVE-2017-18143: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled.

CVE-2017-18128 [HIGH] CVE-2017-18128: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, impr In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data.

CVE-2017-14915 [CRITICAL] CWE-416 CVE-2017-14915: In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCO In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCOM functions with a compromised client structure can result in a Use After Free condition.

CVE-2014-9972 [CRITICAL] CWE-476 CVE-2014-9972: In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts ca In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.

CVE-2015-9065 [CRITICAL] CWE-254 CVE-2015-9065: In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.

CVE-2014-9981 [CRITICAL] CWE-119 CVE-2014-9981: In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot.

CVE-2015-9066 [CRITICAL] CWE-119 CVE-2015-9066: In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.

CVE-2015-9063 [CRITICAL] CWE-119 CVE-2015-9063: In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.

CVE-2016-10385 [CRITICAL] CWE-416 CVE-2016-10385: In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vul In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.

CVE-2014-9971 [CRITICAL] CWE-20 CVE-2014-9971: In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts ca In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.