191 matches found
Buffer overflow
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow...
Integer overflow
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wmatbttoffsetupdateeventhandler, a parameter received from firmware is used to allocate memory for a local buffer and ...
Buffer overflow
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, compromised WLAN FW can potentially cause a buffer overwrite...
CVE-2017-14894
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wmavdevstartresphandler, vdev id is received from firmware as part of WMIVDEVSTARTRESPEVENTID. This vdev id can be greater than max...
Buffer overflow
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdevmap value is not properly validated leading to a potential buffer overwrite in function...
CVE-2017-18147
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated...
Buffer overflow
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wmavdevstartresphandler, vdev id is received from firmware as part of WMIVDEVSTARTRESPEVENTID. This vdev id can be greater than max...
CVE-2017-17770
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur...
Code injection
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated...
CVE-2018-3566
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in ProcSetReqInternal due to missing length check...
CVE-2018-5824
In CVE-2018-5824, Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF-based Linux kernels prior to the 2018-04-05 patch level are vulnerable to a buffer overflow when processing HTT_T2H_MSG_TYPE_RX_FLUSH or HTT_T2H_MSG_TYPE_RX_PN_IND messages if the firmware tid value is out of r...
CVE-2017-18147
CVE-2017-18147 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds from CAF using the Linux kernel prior to the 2018-04-05 patch level. In MMCP, a downlink message is not properly validated, enabling potential network-based impact without authentication. CVSS metrics indi...
CVE-2018-5825
CVE-2018-5825 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels prior to the 2018-04-05 patch level. The kernel IPA driver contains a Use-After-Free condition in the IPA subsystem, as described in the NVD record. The vulnerability is rated with CV...
CVE-2018-3584
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnetusbctrlinit...
CVE-2018-5823
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow...
CVE-2018-5824
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing HTTT2HMSGTYPERXFLUSH or HTTT2HMSGTYPERXPNIND messages, a buffer overflow can occur if the tid value obtained from the...
CVE-2017-14894
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wmavdevstartresphandler, vdev id is received from firmware as part of WMIVDEVSTARTRESPEVENTID. This vdev id can be greater than max...
CVE-2017-15822
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur...
CVE-2017-11075
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmdpkt and regpkt are called from different userspace threads, a use after free condition can potentially occur in wdspglinkwrite...
CVE-2017-17770
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur...