CVE-2019-2316 (mdm9640_firmware, qcs405_firmware, qcs605_firmware, sd_425_firmware, sd_427_firmware, sd_430_firmware, sd_435_firmware, sd_450_firmware, sd_625_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm660_firmware, sdx24_firmware)

When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM660, SDX24

View Full Alert

CVE-2019-2314 (msm8909w_firmware, qcs405_firmware, qcs605_firmware, qualcomm_215_firmware, sd_425_firmware, sd_429_firmware, sd_439_firmware, sd_450_firmware, sd_625_firmware, sd_632_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm439_firmware, sdm660_firmware, sdx20_firmware, sdx24_firmware)
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
CVE-2018-13927 (mdm9206_firmware, mdm9607_firmware, mdm9650_firmware, mdm9655_firmware, msm8996au_firmware, qcs404_firmware, qcs605_firmware, sd_410_firmware, sd_412_firmware, sd_636_firmware, sd_670_firmware, sd_710_firmware, sd_712_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sd_8cx_firmware, sda660_firmware, sdm630_firmware, sdm660_firmware, sxr1130_firmware)
Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…
CVE-2018-13897 (mdm9206_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8909w_firmware, msm8996au_firmware, qcs605_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_636_firmware, sd_650_firmware, sd_652_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_855_firmware, sda660_firmware, sdm630_firmware, sdm660_firmware)
Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

Related Posts