CVE-2015-9192

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD...

CVE-2014-10056

Concrete technical details found: CVE-2014-10056 is an Android/OpenCL-related buffer overflow affecting OpenCL applications that call clBuildProgram() with a CL_DEVICE_TYPE_CPU in the device_list, on Qualcomm CPUs SD 210/212/205 (Android prior to 2018-04-05 SPL). The CNVD-2018-08830 entry confirm...

CVE-2015-9158

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...

CVE-2016-10439

The CVE-2016-10439 issue is a TOCTOU vulnerability in the bulletin_board_read input validation on Qualcomm Snapdragon Automotive and Mobile platforms (SD 425, 430, 450, 625, 650/52, 820, 820A) where a pointer dereference may be validated after the HLOS could modify the pointer. Affected Android r...

CVE-2016-10435

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD...

CVE-2016-10481

CVE-2016-10481 affects Qualcomm WLAN firmware in Android devices; when WLAN FW receives the WMI_STA_SMPS_PARAM_CMDID ioctl in a not-associated state and the virtual channel handle is unassigned, the code does not null-check the handle, causing an assert. The entry is mapped to a high-severity, ne...

CVE-2016-10437

CVE-2016-10437 is an information-disclosure vulnerability affecting Android devices with Qualcomm networking components. In affected Android versions prior to 2018-04-05 patch level (and related patches for various Qualcomm SoCs such as Small Cell, Snapdragon Mobile/Wear families and SDR devices ...

CVE-2016-10426

CVE-2016-10426 documents a buffer overflow in SafeSwitch affecting Android devices powered by Qualcomm Snapdragon (Automobile and Mobile) across multiple SD cores (410/12, 425, 430, 450, 617, 625, 650/52, 810, 820, 820A). Root cause is a buffer overflow in SafeSwitch; exploitation details are not...

CVE-2016-10422

CVE-2016-10422 affects Android devices (Qualcomm Small Cell SoC, Snapdragon lines, SDx platforms) with an underlying issue described as improper access control in a system call that leads to unauthorized access. The entry documents this vulnerability across multiple Qualcomm/Android components an...

CVE-2015-9174

CVE-2015-9174 describes a memory overwrite risk in QSEE due to lack of validation of a return value before buffer allocation. Affected Qualcomm Snapdragon Mobile devices include SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810. CVSS shows 3.0 base score 9.8 (CRITICAL) with network attack ...

CVE-2015-9157

CVE-2015-9157 describes a race-condition in Android Qualcomm widevine support where rsp buffers passed to widevine commands in widevine_dash_cmd_handler() can be read or overflowed due to memory not being locked during time-of-check/time-of-use. Affected are Android devices with Qualcomm Snapdrag...

CVE-2015-9144

CVE-2015-9144 concerns a buffer overflow in Android on Qualcomm Snapdragon Mobile and Snapdragon Wear platforms (e.g., MDM9206/9607/9615/9625/9635M/9640/9645/9650/9655, MSM8909W, SD family up to SDX20) during processing of scheduling message information. Root cause: overflow in a scheduling-messa...

CVE-2015-9138

CVE-2015-9138 affects Android devices with Qualcomm-based SoCs. The issue arises when performing RSA encryption: the ce_util_to_unsigned_bin function uses the input address (c) instead of the buffer size, which can cause a logic overrun and potentially a buffer overflow. The vulnerability is desc...

CVE-2014-10043

CVE-2014-10043 affects Android devices with Qualcomm Snapdragon Mobile/Wear platforms (e.g., MSM8909W, SD 210/212/205, SD 400/410/12/800). The issue is a buffer over-read when reading PlayReady rights string information from a command buffer (sent from non-secure side) if the rights string length...

CVE-2016-10483

CVE-2016-10483 affects Android devices with Qualcomm Snapdragon Mobile SoCs (SD 410/12, SD 615/16, SD 415, SD 808, SD 810). Root cause is improper input validation while processing SCM Command, leading to unauthorized memory access. According to the Android bulletin, these issues were addressed w...

Don’t Trust Android OEM Patching, Claims Researcher

Many Android device manufacturers are not telling the truth when they say they have patched phone vulnerabilities in new updates, researchers found. Karsten Nohl and Jakob Lell, researchers with Security Research Labs, told Threatpost they have tested the firmware on close to 3,000 phones and fou...

CVE-2017-18146

CVE-2017-18146 affects Android on Qualcomm Snapdragon platforms (Automobile, Mobile, Wear; various SDM/MDM/SD chips). In vulnerable builds prior to the 2018-04-05 patch level, ECDSA signature verification can fail in corner cases, potentially impacting message authentication. The issue is listed ...

CVE-2017-13293

CVE-2017-13293 affects Android kernel NFC driver. In the nfc_hci_cmd_received() function of core.c, there is a missing bounds check that can cause an out-of-bounds write, enabling local elevation of privilege in the kernel without extra execution privileges or user interaction. The connected Andr...

Google’s April Android Security Bulletin Warns of 9 Critical Bugs

Nine vulnerabilities rated critical were patched as part of Google’s Android Security Bulletin for April. Critical vulnerabilities ranged from two remote code execution vulnerabilities tied to the Android media framework, to a Qualcomm Wi-Fi component flaw that allowed a nearby attacker to use “a...

CVE-2017-9692

When an atomic commit is issued on a writeback panel with a NULL outputlayer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur...