Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, if cchFriendlyName is greater than TZPRMAXNAMELEN in function playreadyleavedomaingeneratechallenge, a...

Stack overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD...

Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if a client or host sends...

Format string

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD...

CVE-2016-10406

CVE-2016-10406 affects Qualcomm-based Android devices (notably Snapdragon SoCs including MDM9650 and a wide range of SD 210/212/205, 410/12, 430, 450, 615/16/415, 617, 625, 650/52, 808, 810, 820, 835) where printing a pointer in wlan_qmi_err_cb prints the real kernel address regardless of kptr_re...

CVE-2016-10414

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD...

CVE-2015-9169

CVE-2015-9169 describes a buffer over-read in the QSEE app on Android devices with Qualcomm Snapdragon Mobil/Wear platforms (various SD generations listed). The issue could lead to leakage of confidential information. The entry is publicly cataloged in NVD and CVE records, and is addressed by And...

CVE-2015-9181

CVE-2015-9181 is a buffer over-read in a crypto API function affecting multiple Qualcomm Snapdragon platforms (Automobile, Mobile, Wear; SD 210/212/205, 400, 410/12, 425, 430, 450, 615/16/ SD 415, 617, 625, 650/52, 800, 808, 810, 820/820A, 835). Root cause is a memory over-read in the crypto API ...

CVE-2015-9124

CVE-2015-9124 affects Android devices with Qualcomm Snapdragon SoCs (MDM9625/9635M/9640/9645 and SD families 210/212/205, 400, 410/12, 615/16/415, 800, 808, 810). The issue can cause a crash or expose otherwise inaccessible memory contents when accessing an invalid pointer. The Android bulletin c...

CVE-2015-9206

Technical details about CVE-2015-9206 are not publicly provided in the connected documents. The materials available here reiterate the issue description but do not specify affected products, root cause, impact, or remediation. Monitor for updates.

CVE-2015-9190

CVE-2015-9190 describes an integer overflow in boot_clobber_check_local_address_range() on certain Qualcomm Snapdragon platforms (SD 210/212/205, SD 400/410/12/16, SD 600/615/16/SD 415, SD 808, SD 810, IPQ4019, MDM9xx, MSM89xx, etc.). The overflow can bypass the clobber protection check, leading ...

CVE-2015-9202

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2015-9120

CVE-2015-9120 affects Android devices on Qualcomm Snapdragon platforms (Automotive, Mobile, Wear) prior to the 2018-04-05 patch level, where the Core detects an Error Condition Without Action. The issue is tied to multiple Snapdragon SoCs (e.g., IPQ4019, SD 210/212/205, 400/410/12, 425, 430, 450,...

CVE-2015-9144

CVE-2015-9144 concerns a buffer overflow in Android on Qualcomm Snapdragon Mobile and Snapdragon Wear platforms (e.g., MDM9206/9607/9615/9625/9635M/9640/9645/9650/9655, MSM8909W, SD family up to SDX20) during processing of scheduling message information. Root cause: overflow in a scheduling-messa...

CVE-2015-9185

Technical details such as affected products, component, root cause, impact, and fixes are not publicly provided in the supplied documents; monitor for updates.

CVE-2015-9171

CVE-2015-9171 describes a buffer over-read in OEMCrypto_Dash_InstallEncapKeybox() when keyBoxLength exceeds TZ_WV_MAX_DATA_LEN (20k) on various Qualcomm/Android components. Affected: Android devices with Qualcomm Snapdragon Automotive/Mobile/Wear stack listed in the description (multiple SoCs). R...

CVE-2015-9167

CVE-2015-9167 affects Qualcomm Snapdragon platforms (Automobile and Mobile) across SD 410/12, 425, 430, 450, 600, 615/16/415, 617, 625, 650/52, 800, 808, 810, 820, and 820A. Description: an integer underflow in an EMM command can occur. The issue is documented in multiple sources (NVD, CVE lists)...

CVE-2016-10420

CVE-2016-10420 affects Android devices with Qualcomm Snapdragon/mobile platforms listed (e.g., MDM9206/9607/9650 and SD family up to SDX20). The issue arises while playing a .flv clip that lacks an inbuilt seek table, where a dynamic index table access goes out of bounds, causing a crash (availab...

CVE-2017-18072

CVE-2017-18072 affects Android on Qualcomm Snapdragon/mobile platforms (list of affected SoCs) where probe requests from a user’s device reveal information elements that specify supported Wi‑Fi features, creating a potential privacy risk if sniffed. The root cause is the disclosure of Wi‑Fi infor...

CVE-2018-3591

CVE-2018-3591 affects Android on Qualcomm Snapdragon Mobile and Snapdragon Wear platforms prior to the 2018-04-05 patch level. The root cause is that the default BOOT.BF.3.0 device programmer configuration enables the SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM flag, which exposes peek and pok...