CVE-2019-10527 (apq8009_firmware, apq8017_firmware, apq8053_firmware, apq8096au_firmware, apq8098_firmware, bitra_firmware, ipq6018_firmware, ipq8074_firmware, kamorta_firmware, mdm9150_firmware, mdm9205_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8905_firmware, msm8909_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8996_firmware, msm8996au_firmware, msm8998_firmware, nicobar_firmware, qca4531_firmware, qca6574au_firmware, qca8081_firmware, qcm2150_firmware, qcn7605_firmware, qcn7606_firmware, qcs404_firmware, qcs405_firmware, qcs605_firmware, qcs610_firmware, qm215_firmware, rennell_firmware, sa415m_firmware, sa515m_firmware, sa6155p_firmware, saipan_firmware, sc7180_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm630_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdm850_firmware, sdx20_firmware, sdx24_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware, sm8250_firmware, sxr1130_firmware, sxr2130_firmware)

u’SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6574AU, QCA8081, QCM2150, QCN7605, QCN7606, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

View Full Alert

CVE-2019-10549 (msm8905_firmware, msm8909_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, nicobar_firmware, qcm2150_firmware, qm215_firmware, rennell_firmware, sc8180x_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm632_firmware, sdx24_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware)
Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
CVE-2018-13916 (apq8009_firmware, apq8017_firmware, apq8053_firmware, apq8096_firmware, apq8096au_firmware, apq8098_firmware, ipq8074_firmware, mdm9150_firmware, mdm9206_firmware, mdm9607_firmware, mdm9635m_firmware, mdm9640_firmware, mdm9650_firmware, mdm9655_firmware, msm8905_firmware, msm8909_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8976_firmware, msm8996_firmware, msm8996au_firmware, msm8998_firmware, nicobar_firmware, qca8081_firmware, qcm2150_firmware, qcn7605_firmware, qcs404_firmware, qcs405_firmware, qcs605_firmware, qm215_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm439_firmware, sdm450_firmware, sdm630_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdm850_firmware, sdx20_firmware, sdx55_firmware, sm8150_firmware, sm8250_firmware, snapdragon_high_med_2016_firmware, sxr1130_firmware, sxr2130_firmware)
Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…
CVE-2019-14062 (apq8009_firmware, apq8017_firmware, apq8053_firmware, apq8076_firmware, apq8096_firmware, apq8096au_firmware, apq8098_firmware, kamorta_firmware, mdm9150_firmware, mdm9205_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, mdm9625_firmware, mdm9635m_firmware, mdm9640_firmware, mdm9645_firmware, mdm9650_firmware, mdm9655_firmware, msm8905_firmware, msm8909_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8996au_firmware, msm8998_firmware, nicobar_firmware, qcm2150_firmware, qcs605_firmware, qm215_firmware, rennell_firmware, sa415m_firmware, sc7180_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm630_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdm850_firmware, sdx20_firmware, sdx24_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware, sxr1130_firmware)
Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial…

Related Posts