Latest CVE Feed
-
7.8
HIGHCVE-2018-11850
Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QC... Read more
Affected Products : qca6574au_firmware qca6584au_firmware msm8996au_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware qca6174a_firmware qca9377_firmware mdm9650_firmware +38 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11849
Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531,... Read more
Affected Products : qca6574au_firmware ipq8074_firmware qca6574_firmware qca6584au_firmware qca9886_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware +76 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11847
Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware +56 more products- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
4.7
MEDIUMCVE-2018-11846
The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850... Read more
Affected Products : android sd_210_firmware sd_212_firmware sd_205_firmware sd_845_firmware sd_850_firmware sd_210 sd_212 sd_845 sd_205 +1 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-11845
Usage of non-time-constant comparison functions can lead to information leakage through side channel analysis in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago... Read more
Affected Products : sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware +70 more products- Published: Feb. 25, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11843
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack fo check on return value in WMA response handler can lead to potential use after free.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11842
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11840
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11838
Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice... Read more
Affected Products : sdm660_firmware sdx20_firmware mdm9640_firmware sda660_firmware apq8053_firmware sdm636_firmware apq8053 mdm9640 sdx20 sda660 +2 more products- Published: Mar. 05, 2020
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11836
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11832
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11830
Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 8... Read more
Affected Products : msm8996au_firmware sd_820a_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware mdm9655_firmware sd_410_firmware sd_412_firmware mdm9206 mdm9607 +6 more products- Published: Apr. 04, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11828
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD ... Read more
Affected Products : android sd_450_firmware sd_625_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_430_firmware sd_650_firmware sd_652_firmware +9 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11827
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11826
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler.... Read more
Affected Products : android- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11824
A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660... Read more
Affected Products : android sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_845_firmware +11 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11823
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module.... Read more
Affected Products : android- Published: Nov. 27, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11822
A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660... Read more
Affected Products : android sd_835_firmware sda660_firmware sd_845_firmware sd_850_firmware sda660 sd_835 sd_845 sd_850- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11821
Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, S... Read more
Affected Products : android ipq8074_firmware sdm660_firmware sd_450_firmware sd_625_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware +33 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-11820
Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, ... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware +82 more products- Published: Feb. 25, 2019
- Modified: Nov. 21, 2024