Vulnerabilities > Qualcomm > SD 850 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2017-18134 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 845 Firmware and SD 850 Firmware
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2017-18135 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2017-18138 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, in GERAN, a buffer overflow may potentially occur.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2017-18139 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2017-18142 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, while processing the IMS SIP username, a buffer overflow can occur.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2017-18146 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail.
network
low complexity
qualcomm CWE-347
critical
9.8
2018-04-11 CVE-2018-3589 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket, which can lead to a buffer overflow when the sample buffer is copied to the logPacket buffer.
network
low complexity
qualcomm CWE-119
critical
9.8
2018-04-11 CVE-2018-3592 NULL Pointer Dereference vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, added a change to check if the pointer has been reset to NULL or not, before writing to the memory pointed by the pointer.
network
low complexity
qualcomm CWE-476
critical
9.8
2018-04-11 CVE-2018-3593 Double Free vulnerability in Qualcomm products
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, repeated enable/disable eMBMS requests may result in a double free condition.
network
low complexity
qualcomm CWE-415
critical
9.8