CVE-2017-17764

In all Qualcomm products with Android releases from CAF using the Linux kernel, the numfailureinfo value from firmware is not properly validated in wmarxaggrfailureeventhandler so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow...

CVE-2017-9720

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur...

CVE-2017-8280

In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch...

CVE-2017-11002

In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur...

CVE-2017-9685

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition...

CVE-2015-9038

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end...

Heap overflow

In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read...

CVE-2016-10343

In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak...