CVE-2017-18157

CVE-2017-18157 is described as a Use After Free condition in the Thermal Engine affecting Snapdragon Automotive, Mobile, and Wear platforms (list includes MDM9206, MDM9607, MDM9650, MSM89xx series, SD 210–835, SDX20, etc.). The connected sources corroborate the presence of a use-after-free in the...

CVE-2017-15841

When HOST sends a Special command ID packet, Controller triggers a RAM Dump and FW reset in Snapdragon Mobile in version SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SnapdragonHighMed2016...

CVE-2017-18302

CVE-2017-18302 affects Qualcomm Snapdragon SoCs (MSM8996AU and numerous SD/i variants listed) where a crafted HLOS client can modify in-memory structures passed to a QSEE application between check and use. This leads to arbitrary writes to TZ kernel memory regions, i.e., local elevation of privil...

CVE-2016-10438

CVE-2016-10438 is an information exposure issue in Android devices affected by Qualcomm Small Cell SoC, Snapdragon Mobile and Wear FSM9055, IPQ4019/IPQ8064, and various SD/SoC families. The root cause is logging of debug statements using %p, which could expose kernel or driver pointers. The repor...