CVE-2017-18157

CVE-2017-18157 is described as a Use After Free condition in the Thermal Engine affecting Snapdragon Automotive, Mobile, and Wear platforms (list includes MDM9206, MDM9607, MDM9650, MSM89xx series, SD 210–835, SDX20, etc.). The connected sources corroborate the presence of a use-after-free in the...

CVE-2017-15841

When HOST sends a Special command ID packet, Controller triggers a RAM Dump and FW reset in Snapdragon Mobile in version SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SnapdragonHighMed2016...

CVE-2017-18302

CVE-2017-18302 affects Qualcomm Snapdragon SoCs (MSM8996AU and numerous SD/i variants listed) where a crafted HLOS client can modify in-memory structures passed to a QSEE application between check and use. This leads to arbitrary writes to TZ kernel memory regions, i.e., local elevation of privil...

CVE-2017-18145

CVE-2017-18145 describes a Use-After-Free condition in the DPM native process while handling Android framework events on Qualcomm Snapdragon platforms. The underlying issue is that an iterator pointer is deleted after an event is processed, which can cause a Use After Condition during processing ...