Vulnerabilities > Qualcomm > Msm8909W > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-22 | CVE-2019-2279 | Out-of-bounds Write vulnerability in Qualcomm products Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. | 7.5 |
| 2019-06-14 | CVE-2019-2257 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 855, SDA660, SDM660, SDX20, SDX24 | 7.2 |
| 2019-06-14 | CVE-2018-5913 | Cryptographic Issues vulnerability in Qualcomm products A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 7.2 |
| 2019-06-14 | CVE-2018-3583 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products A buffer overflow can occur while processing an extscan hotlist event in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QCS605, SD 625, SD 636, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20 | 7.2 |
| 2019-06-14 | CVE-2018-13919 | Use After Free vulnerability in Qualcomm products Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS405, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24 | 7.2 |
| 2019-06-14 | CVE-2018-11955 | Out-of-bounds Read vulnerability in Qualcomm products Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24 | 7.5 |
| 2019-05-24 | CVE-2018-13920 | Use After Free vulnerability in Qualcomm products Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX24 | 7.2 |
| 2019-05-24 | CVE-2018-13899 | Use After Free vulnerability in Qualcomm products Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 | 7.2 |
| 2019-05-24 | CVE-2018-13895 | Improper Access Control vulnerability in Qualcomm products Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 7.2 |
| 2019-05-24 | CVE-2018-11967 | Unspecified vulnerability in Qualcomm products Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 7.2 |