From 001a907e459f9c9b0ef018e8292e95c2040ad02f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 18 Sep 2018 14:05:02 -0400 Subject: [PATCH] - Synchronized data. --- 2017/15xxx/CVE-2017-15818.json | 7 +++- 2017/15xxx/CVE-2017-15825.json | 13 +++++-- 2017/15xxx/CVE-2017-15828.json | 8 +++-- 2017/15xxx/CVE-2017-15844.json | 8 +++-- 2018/11xxx/CVE-2018-11265.json | 13 +++++-- 2018/11xxx/CVE-2018-11270.json | 13 +++++-- 2018/11xxx/CVE-2018-11273.json | 26 ++++++++++---- 2018/11xxx/CVE-2018-11274.json | 7 +++- 2018/11xxx/CVE-2018-11275.json | 8 +++-- 2018/11xxx/CVE-2018-11276.json | 13 +++++-- 2018/11xxx/CVE-2018-11278.json | 8 +++-- 2018/11xxx/CVE-2018-11280.json | 8 +++-- 2018/11xxx/CVE-2018-11281.json | 18 ++++++++-- 2018/11xxx/CVE-2018-11286.json | 16 +++++---- 2018/11xxx/CVE-2018-11293.json | 13 +++++-- 2018/11xxx/CVE-2018-11294.json | 8 +++-- 2018/11xxx/CVE-2018-11295.json | 13 +++++-- 2018/11xxx/CVE-2018-11296.json | 13 +++++-- 2018/11xxx/CVE-2018-11297.json | 13 +++++-- 2018/11xxx/CVE-2018-11298.json | 13 +++++-- 2018/11xxx/CVE-2018-11299.json | 8 +++-- 2018/11xxx/CVE-2018-11300.json | 21 ++++++++---- 2018/11xxx/CVE-2018-11301.json | 13 +++++-- 2018/11xxx/CVE-2018-11302.json | 8 +++-- 2018/11xxx/CVE-2018-11818.json | 13 +++++-- 2018/11xxx/CVE-2018-11826.json | 8 +++-- 2018/11xxx/CVE-2018-11827.json | 7 +++- 2018/11xxx/CVE-2018-11832.json | 8 +++-- 2018/11xxx/CVE-2018-11836.json | 13 +++++-- 2018/11xxx/CVE-2018-11840.json | 8 +++-- 2018/11xxx/CVE-2018-11842.json | 13 +++++-- 2018/11xxx/CVE-2018-11843.json | 8 +++-- 2018/11xxx/CVE-2018-11851.json | 8 +++-- 2018/11xxx/CVE-2018-11852.json | 8 +++-- 2018/11xxx/CVE-2018-11860.json | 8 +++-- 2018/11xxx/CVE-2018-11863.json | 8 +++-- 2018/11xxx/CVE-2018-11868.json | 8 +++-- 2018/11xxx/CVE-2018-11869.json | 8 +++-- 2018/17xxx/CVE-2018-17176.json | 62 ++++++++++++++++++++++++++++++++++ 2018/17xxx/CVE-2018-17177.json | 62 ++++++++++++++++++++++++++++++++++ 2018/17xxx/CVE-2018-17178.json | 62 ++++++++++++++++++++++++++++++++++ 2018/17xxx/CVE-2018-17179.json | 18 ++++++++++ 2018/17xxx/CVE-2018-17180.json | 18 ++++++++++ 2018/17xxx/CVE-2018-17181.json | 18 ++++++++++ 44 files changed, 570 insertions(+), 85 deletions(-) create mode 100644 2018/17xxx/CVE-2018-17176.json create mode 100644 2018/17xxx/CVE-2018-17177.json create mode 100644 2018/17xxx/CVE-2018-17178.json create mode 100644 2018/17xxx/CVE-2018-17179.json create mode 100644 2018/17xxx/CVE-2018-17180.json create mode 100644 2018/17xxx/CVE-2018-17181.json diff --git a/2017/15xxx/CVE-2017-15818.json b/2017/15xxx/CVE-2017-15818.json index 2b51e9f6c63..6cce1727396 100644 --- a/2017/15xxx/CVE-2017-15818.json +++ b/2017/15xxx/CVE-2017-15818.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=abe4f7042cbdef928ffc152335a17150fb39b096", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=abe4f7042cbdef928ffc152335a17150fb39b096" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", diff --git a/2017/15xxx/CVE-2017-15825.json b/2017/15xxx/CVE-2017-15825.json index 2fd36cbe2ee..9023629f3af 100644 --- a/2017/15xxx/CVE-2017-15825.json +++ b/2017/15xxx/CVE-2017-15825.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing a gpt update, an out of bounds memory access may potentially occur." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=252e22c9adb9b59c36e59e00d8b43013facec4d6", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=252e22c9adb9b59c36e59e00d8b43013facec4d6" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2017/15xxx/CVE-2017-15828.json b/2017/15xxx/CVE-2017-15828.json index 2471d8f74cc..d4891faeca2 100644 --- a/2017/15xxx/CVE-2017-15828.json +++ b/2017/15xxx/CVE-2017-15828.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=86ea9e5dd16d918f8960067157012cc15176f82f", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=86ea9e5dd16d918f8960067157012cc15176f82f" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2017/15xxx/CVE-2017-15844.json b/2017/15xxx/CVE-2017-15844.json index dbe44e5c414..82ef856c234 100644 --- a/2017/15xxx/CVE-2017-15844.json +++ b/2017/15xxx/CVE-2017-15844.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing the function for writing device values into flash, uninitialized memory can be written to flash." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=19622514c69e798d91e7908090b3d79dfdb14715", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=19622514c69e798d91e7908090b3d79dfdb14715" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11265.json b/2018/11xxx/CVE-2018-11265.json index 79881e8b34b..7497a415301 100644 --- a/2018/11xxx/CVE-2018-11265.json +++ b/2018/11xxx/CVE-2018-11265.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b211b051d7ca226d96b70defe10ac318f768b5b2", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b211b051d7ca226d96b70defe10ac318f768b5b2" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11270.json b/2018/11xxx/CVE-2018-11270.json index 5356a430b4e..59e68f1ab34 100644 --- a/2018/11xxx/CVE-2018-11270.json +++ b/2018/11xxx/CVE-2018-11270.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. This may result in data corruption." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. This may result in data corruption." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=d475e1aba3f8be3b135199014549ff9d5c315e1d", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=d475e1aba3f8be3b135199014549ff9d5c315e1d" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11273.json b/2018/11xxx/CVE-2018-11273.json index e4b6dea2d97..1032d9ed9de 100644 --- a/2018/11xxx/CVE-2018-11273.json +++ b/2018/11xxx/CVE-2018-11273.json @@ -11,18 +11,18 @@ "product" : { "product_data" : [ { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", + "product_name" : "n/a", "version" : { "version_data" : [ { - "version_value" : "All Android releases from CAF using the Linux kernel" + "version_value" : "n/a" } ] } } ] }, - "vendor_name" : "Qualcomm, Inc." + "vendor_name" : "n/a" } ] } @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,voice_svc_dev’ is allocated as a device-managed resource. If error ‘cdev_alloc_err’ occurs, ‘device_destroy’ will free all associated resources, including ‘voice_svc_dev’ leading to a double free." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, 'voice_svc_dev' is allocated as a device-managed resource. If error 'cdev_alloc_err' occurs, 'device_destroy' will free all associated resources, including 'voice_svc_dev' leading to a double free." } ] }, @@ -44,7 +44,7 @@ "description" : [ { "lang" : "eng", - "value" : "Double Free in Audio" + "value" : "n/a" } ] } @@ -52,6 +52,21 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=789d4d21c3f1818dcbf74da4a051598e8f53676c", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=789d4d21c3f1818dcbf74da4a051598e8f53676c" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=f34f6271362484c1f87f4176e72a3bfb80ee7711", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=f34f6271362484c1f87f4176e72a3bfb80ee7711" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +75,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11274.json b/2018/11xxx/CVE-2018-11274.json index 4c3725cfe2b..e2e6d8f0bfe 100644 --- a/2018/11xxx/CVE-2018-11274.json +++ b/2018/11xxx/CVE-2018-11274.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Buffer overflow may occur when payload size is extremely large." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d738e60471cca6aa7a0b06a6f5cfb89ad66d1766", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d738e60471cca6aa7a0b06a6f5cfb89ad66d1766" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", diff --git a/2018/11xxx/CVE-2018-11275.json b/2018/11xxx/CVE-2018-11275.json index c87caddd410..29a86d54a5f 100644 --- a/2018/11xxx/CVE-2018-11275.json +++ b/2018/11xxx/CVE-2018-11275.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,When flashing image using FastbootLib if size is not divisible by block size, information leak occurs." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=bf0261ab128f28763258c620bc95ca379a286b59", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=bf0261ab128f28763258c620bc95ca379a286b59" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11276.json b/2018/11xxx/CVE-2018-11276.json index 00eaa55a634..614e0a7ffa4 100644 --- a/2018/11xxx/CVE-2018-11276.json +++ b/2018/11xxx/CVE-2018-11276.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=83a44ca6057bf9c1e36515cded28edc32a4a1501", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=83a44ca6057bf9c1e36515cded28edc32a4a1501" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11278.json b/2018/11xxx/CVE-2018-11278.json index 6e35ede1437..86da664b035 100644 --- a/2018/11xxx/CVE-2018-11278.json +++ b/2018/11xxx/CVE-2018-11278.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11280.json b/2018/11xxx/CVE-2018-11280.json index bf0274bf9b9..d19eeee15a8 100644 --- a/2018/11xxx/CVE-2018-11280.json +++ b/2018/11xxx/CVE-2018-11280.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=bd3627dae5f1a34e0284cfe167f61273ecc2f386", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=bd3627dae5f1a34e0284cfe167f61273ecc2f386" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11281.json b/2018/11xxx/CVE-2018-11281.json index 6f500e988fb..97399b92e53 100644 --- a/2018/11xxx/CVE-2018-11281.json +++ b/2018/11xxx/CVE-2018-11281.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will occur." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will occur." } ] }, @@ -52,6 +52,21 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c9861d16283cb4279de98a6695e0a4e6ea0230cb", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=c9861d16283cb4279de98a6695e0a4e6ea0230cb" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=4bc7311e9ea9145a615184626cc43a8b92e7619c", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=4bc7311e9ea9145a615184626cc43a8b92e7619c" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +75,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11286.json b/2018/11xxx/CVE-2018-11286.json index ba02727919b..e3f5c7ae206 100644 --- a/2018/11xxx/CVE-2018-11286.json +++ b/2018/11xxx/CVE-2018-11286.json @@ -11,18 +11,18 @@ "product" : { "product_data" : [ { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", + "product_name" : "n/a", "version" : { "version_data" : [ { - "version_value" : "All Android releases from CAF using the Linux kernel" + "version_value" : "n/a" } ] } } ] }, - "vendor_name" : "Qualcomm, Inc." + "vendor_name" : "n/a" } ] } @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While accessing global variable “debug_client” in multi-thread manner, Use after free issue occurs" + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing global variable \"debug_client\" in multi-thread manner, Use after free issue occurs" } ] }, @@ -44,7 +44,7 @@ "description" : [ { "lang" : "eng", - "value" : "Use After Free in Video" + "value" : "n/a" } ] } @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59ba3de38f8ffc5484898703d20b33980d29a41c", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=59ba3de38f8ffc5484898703d20b33980d29a41c" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11293.json b/2018/11xxx/CVE-2018-11293.json index 046ba36a195..56f79d0903f 100644 --- a/2018/11xxx/CVE-2018-11293.json +++ b/2018/11xxx/CVE-2018-11293.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,In wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. If they are not checked, it may cause buffer over-read once the value is too large." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. If they are not checked, it may cause buffer over-read once the value is too large." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=6fb7ac8d49631cdd09dbe72669d1a660dfce3bdb", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=6fb7ac8d49631cdd09dbe72669d1a660dfce3bdb" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11294.json b/2018/11xxx/CVE-2018-11294.json index daf6b92ada0..1304064cdfd 100644 --- a/2018/11xxx/CVE-2018-11294.json +++ b/2018/11xxx/CVE-2018-11294.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,WLAN handler indication from the firmware gets the information for 4 access categories. While processing this information only the first 3 AC information is copied due to the improper conditional logic used to compare with the max number of categories." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. While processing this information only the first 3 AC information is copied due to the improper conditional logic used to compare with the max number of categories." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fc7f79288ba28e82d04153763023b69755d6c3a1", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fc7f79288ba28e82d04153763023b69755d6c3a1" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11295.json b/2018/11xxx/CVE-2018-11295.json index 8e7ff180780..40c192bcf92 100644 --- a/2018/11xxx/CVE-2018-11295.json +++ b/2018/11xxx/CVE-2018-11295.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds the max length , an OOB write would happen." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds the max length, an OOB write would happen." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e262728243f98d8a3578eb157cbc39580004de4f", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e262728243f98d8a3578eb157cbc39580004de4f" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11296.json b/2018/11xxx/CVE-2018-11296.json index 06c81359f2b..3661b9c329d 100644 --- a/2018/11xxx/CVE-2018-11296.json +++ b/2018/11xxx/CVE-2018-11296.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing a message from firmware in WLAN handler, a buffer overwrite can occur." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0b0c18b45d1a39f9f33172d3c22f5b8031fe564e", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0b0c18b45d1a39f9f33172d3c22f5b8031fe564e" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11297.json b/2018/11xxx/CVE-2018-11297.json index c74c94f60ef..2897abb9abc 100644 --- a/2018/11xxx/CVE-2018-11297.json +++ b/2018/11xxx/CVE-2018-11297.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,A buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is recieved from FW." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c708606086490ca9b8fc1077f18782891a595ba9", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c708606086490ca9b8fc1077f18782891a595ba9" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11298.json b/2018/11xxx/CVE-2018-11298.json index c45c5104d21..7dda173d1b5 100644 --- a/2018/11xxx/CVE-2018-11298.json +++ b/2018/11xxx/CVE-2018-11298.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is used to get realm string length to construct the PASSPOINT WMA command." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is used to get realm string length to construct the PASSPOINT WMA command." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9074c6cfb9c0bbfe279394eec0d3176c4f75ce80", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9074c6cfb9c0bbfe279394eec0d3176c4f75ce80" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11299.json b/2018/11xxx/CVE-2018-11299.json index f0870201623..de2982d9300 100644 --- a/2018/11xxx/CVE-2018-11299.json +++ b/2018/11xxx/CVE-2018-11299.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,When WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=409d269c3464a84d9274bc0831031b2216b1060", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=409d269c3464a84d9274bc0831031b2216b1060" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11300.json b/2018/11xxx/CVE-2018-11300.json index eadd8715e00..e1da0897a8c 100644 --- a/2018/11xxx/CVE-2018-11300.json +++ b/2018/11xxx/CVE-2018-11300.json @@ -11,18 +11,18 @@ "product" : { "product_data" : [ { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", + "product_name" : "n/a", "version" : { "version_data" : [ { - "version_value" : "All Android releases from CAF using the Linux kernel" + "version_value" : "n/a" } ] } } ] }, - "vendor_name" : "Qualcomm, Inc." + "vendor_name" : "n/a" } ] } @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Callback executed from the other thread has freed memory which is also used in wlan fucntion and may result in to a “Use after free” scenario." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in to a \"Use after free\" scenario." } ] }, @@ -44,7 +44,7 @@ "description" : [ { "lang" : "eng", - "value" : "Possible Use After Free in WLAN" + "value" : "n/a" } ] } @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=1f111832dc93bc639538dc173397b30af329b130", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=1f111832dc93bc639538dc173397b30af329b130" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11301.json b/2018/11xxx/CVE-2018-11301.json index f5a400a9cdd..adc2e3232d7 100644 --- a/2018/11xxx/CVE-2018-11301.json +++ b/2018/11xxx/CVE-2018-11301.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=31ad3a5a7458e60f5e0ba4f492cebe1f1bda0964", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=31ad3a5a7458e60f5e0ba4f492cebe1f1bda0964" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11302.json b/2018/11xxx/CVE-2018-11302.json index 73973766788..d8bb5509087 100644 --- a/2018/11xxx/CVE-2018-11302.json +++ b/2018/11xxx/CVE-2018-11302.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4178ed2227bbc48d4313bc4e7d604d2813c0d9f4", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4178ed2227bbc48d4313bc4e7d604d2813c0d9f4" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11818.json b/2018/11xxx/CVE-2018-11818.json index f5a79644d31..ecfbade83c4 100644 --- a/2018/11xxx/CVE-2018-11818.json +++ b/2018/11xxx/CVE-2018-11818.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race condition." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race condition." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7d1e40be0f7da526f1109005383aa55f5646fc13", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7d1e40be0f7da526f1109005383aa55f5646fc13" + }, + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=999bfde119d881a09218eb045d41fb83e67f0d10", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=999bfde119d881a09218eb045d41fb83e67f0d10" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11826.json b/2018/11xxx/CVE-2018-11826.json index 20299dc626b..3c6bcee4447 100644 --- a/2018/11xxx/CVE-2018-11826.json +++ b/2018/11xxx/CVE-2018-11826.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=650afe0c0ec2f566c9546b3b8e400b36fcf44aed", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=650afe0c0ec2f566c9546b3b8e400b36fcf44aed" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11827.json b/2018/11xxx/CVE-2018-11827.json index dc722ece73d..5385e7eddbb 100644 --- a/2018/11xxx/CVE-2018-11827.json +++ b/2018/11xxx/CVE-2018-11827.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Improper Validation of array index in WMA roam synchronization handler can lead to OOB write." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4c74687be66c19be0b9bd83d78d033dff5d1a9ae", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4c74687be66c19be0b9bd83d78d033dff5d1a9ae" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", diff --git a/2018/11xxx/CVE-2018-11832.json b/2018/11xxx/CVE-2018-11832.json index 0ae16774bba..50c1edc4bfd 100644 --- a/2018/11xxx/CVE-2018-11832.json +++ b/2018/11xxx/CVE-2018-11832.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of input size validation before copying to buffer in PMIC function can lead to heap overflow." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=492fdce2626efc01004bea4aed4ea89b7c5cb5b3", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=492fdce2626efc01004bea4aed4ea89b7c5cb5b3" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11836.json b/2018/11xxx/CVE-2018-11836.json index f8f5fa26671..dbf8b67600f 100644 --- a/2018/11xxx/CVE-2018-11836.json +++ b/2018/11xxx/CVE-2018-11836.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Improper length check can lead to out-of-bounds acess in WLAN function." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9d703c0815b2b260592bc8b91d907aeef7962eb7", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9d703c0815b2b260592bc8b91d907aeef7962eb7" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11840.json b/2018/11xxx/CVE-2018-11840.json index 7cf283fa11a..b308c4d8a03 100644 --- a/2018/11xxx/CVE-2018-11840.json +++ b/2018/11xxx/CVE-2018-11840.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,While processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a3d53bb977b907a5d11d22cad3f8ebf3f1d2b1ed", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a3d53bb977b907a5d11d22cad3f8ebf3f1d2b1ed" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11842.json b/2018/11xxx/CVE-2018-11842.json index 87d61fe5cd0..32e47c9f010 100644 --- a/2018/11xxx/CVE-2018-11842.json +++ b/2018/11xxx/CVE-2018-11842.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,During wlan association , driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated." } ] }, @@ -52,6 +52,16 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components", + "refsource" : "CONFIRM", + "url" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components" + }, + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=5eea70b9d5852e468467c1565927dbe0c76d8674", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=5eea70b9d5852e468467c1565927dbe0c76d8674" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +70,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11843.json b/2018/11xxx/CVE-2018-11843.json index 71c4c930497..b08dddda050 100644 --- a/2018/11xxx/CVE-2018-11843.json +++ b/2018/11xxx/CVE-2018-11843.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack fo check on return value in WMA response handler can lead to potential use after free." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack fo check on return value in WMA response handler can lead to potential use after free." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ddc0e519f59fda7a8e17355ad6c3b00b8808542e", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ddc0e519f59fda7a8e17355ad6c3b00b8808542e" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11851.json b/2018/11xxx/CVE-2018-11851.json index 13292e5f8ff..13a74a1e693 100644 --- a/2018/11xxx/CVE-2018-11851.json +++ b/2018/11xxx/CVE-2018-11851.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0f6839316f43d48833750667b979aec11558abc0", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0f6839316f43d48833750667b979aec11558abc0" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11852.json b/2018/11xxx/CVE-2018-11852.json index 67cb5a7842f..51334588643 100644 --- a/2018/11xxx/CVE-2018-11852.json +++ b/2018/11xxx/CVE-2018-11852.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=92fbe31eb6b356a1f673515cb1e63b6eaf245143", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=92fbe31eb6b356a1f673515cb1e63b6eaf245143" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11860.json b/2018/11xxx/CVE-2018-11860.json index 496bc4b6b0f..7d92a12f17d 100644 --- a/2018/11xxx/CVE-2018-11860.json +++ b/2018/11xxx/CVE-2018-11860.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,A potential buffer over flow could occur while processing the ndp event due to lack of check on the message length." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=7a8639875bb01bca2dcac7bda9e5d986fbf8683f", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=7a8639875bb01bca2dcac7bda9e5d986fbf8683f" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11863.json b/2018/11xxx/CVE-2018-11863.json index 255071ce6fc..a4a40938072 100644 --- a/2018/11xxx/CVE-2018-11863.json +++ b/2018/11xxx/CVE-2018-11863.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=33abba90b5c570a8334110ff7e1f696908465fd3", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=33abba90b5c570a8334110ff7e1f696908465fd3" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11868.json b/2018/11xxx/CVE-2018-11868.json index bc5988a0c48..9d30830e454 100644 --- a/2018/11xxx/CVE-2018-11868.json +++ b/2018/11xxx/CVE-2018-11868.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a0be9d79cfaa4c4df2695023ba518c540381e80", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a0be9d79cfaa4c4df2695023ba518c540381e80" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/11xxx/CVE-2018-11869.json b/2018/11xxx/CVE-2018-11869.json index e2dc5fc1d26..79026405992 100644 --- a/2018/11xxx/CVE-2018-11869.json +++ b/2018/11xxx/CVE-2018-11869.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel,Lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler." } ] }, @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c", + "refsource" : "CONFIRM", + "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c" + }, { "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", "refsource" : "CONFIRM", @@ -60,4 +65,3 @@ ] } } - diff --git a/2018/17xxx/CVE-2018-17176.json b/2018/17xxx/CVE-2018-17176.json new file mode 100644 index 00000000000..f75aff08c94 --- /dev/null +++ b/2018/17xxx/CVE-2018-17176.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17176", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners", + "refsource" : "MISC", + "url" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners" + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17177.json b/2018/17xxx/CVE-2018-17177.json new file mode 100644 index 00000000000..bc83767e2dd --- /dev/null +++ b/2018/17xxx/CVE-2018-17177.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17177", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called \"black box\" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners", + "refsource" : "MISC", + "url" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners" + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17178.json b/2018/17xxx/CVE-2018-17178.json new file mode 100644 index 00000000000..7c5fb5c64ea --- /dev/null +++ b/2018/17xxx/CVE-2018-17178.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17178", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands (sent to /bin/webserver on port 8081) if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though the web socket replies with { \"message\" : \"invalid authorization header\" }. Without an active session, commands are still interpreted, but (except for eco-on and eco-off) have no effect, since without active driving, a driving direction does not change anything." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners", + "refsource" : "MISC", + "url" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners" + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17179.json b/2018/17xxx/CVE-2018-17179.json new file mode 100644 index 00000000000..aebaccf5d4c --- /dev/null +++ b/2018/17xxx/CVE-2018-17179.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17179", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17180.json b/2018/17xxx/CVE-2018-17180.json new file mode 100644 index 00000000000..b1138bea887 --- /dev/null +++ b/2018/17xxx/CVE-2018-17180.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17180", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17181.json b/2018/17xxx/CVE-2018-17181.json new file mode 100644 index 00000000000..fafed7ae8bc --- /dev/null +++ b/2018/17xxx/CVE-2018-17181.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17181", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}