diff --git a/2017/18xxx/CVE-2017-18315.json b/2017/18xxx/CVE-2017-18315.json index 3e8d8778833..d6f3d844261 100644 --- a/2017/18xxx/CVE-2017-18315.json +++ b/2017/18xxx/CVE-2017-18315.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2017-18315", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 600" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Over-read in Core Services" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2017/18xxx/CVE-2017-18316.json b/2017/18xxx/CVE-2017-18316.json index 64b0590282e..948599e5614 100644 --- a/2017/18xxx/CVE-2017-18316.json +++ b/2017/18xxx/CVE-2017-18316.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2017-18316", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Access Control in Biometrics" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2017/18xxx/CVE-2017-18317.json b/2017/18xxx/CVE-2017-18317.json index 2fbfc928233..1c706f686d6 100644 --- a/2017/18xxx/CVE-2017-18317.json +++ b/2017/18xxx/CVE-2017-18317.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2017-18317", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "MSM8996AU,SD 410/12,SD 820,SD 820A" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Restrictions related to the modem (sim lock, sim kill) can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation in SafeSwitch" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2017/18xxx/CVE-2017-18318.json b/2017/18xxx/CVE-2017-18318.json index 7ba7a5aecb5..74104af3498 100644 --- a/2017/18xxx/CVE-2017-18318.json +++ b/2017/18xxx/CVE-2017-18318.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2017-18318", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation in Broadcast Services" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11264.json b/2018/11xxx/CVE-2018-11264.json index fa7b452ed65..232fa68a937 100644 --- a/2018/11xxx/CVE-2018-11264.json +++ b/2018/11xxx/CVE-2018-11264.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11264", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in Biometrics" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11921.json b/2018/11xxx/CVE-2018-11921.json index a774c5f6139..07805d907e8 100644 --- a/2018/11xxx/CVE-2018-11921.json +++ b/2018/11xxx/CVE-2018-11921.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11921", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Detection of Error Condition Without Action in Content protection" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11994.json b/2018/11xxx/CVE-2018-11994.json index b4318da0655..eca6ea6b75e 100644 --- a/2018/11xxx/CVE-2018-11994.json +++ b/2018/11xxx/CVE-2018-11994.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11994", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Access Control in Kernel" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11996.json b/2018/11xxx/CVE-2018-11996.json index 83fed9d1a2d..b4f9f5496dc 100644 --- a/2018/11xxx/CVE-2018-11996.json +++ b/2018/11xxx/CVE-2018-11996.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11996", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Validation of Array Index in Storage" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/5xxx/CVE-2018-5870.json b/2018/5xxx/CVE-2018-5870.json index 62a1fc758d7..d1f9f560afc 100644 --- a/2018/5xxx/CVE-2018-5870.json +++ b/2018/5xxx/CVE-2018-5870.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5870", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SDA660, SDX24" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Untrusted Pointer Dereference in TrustZone" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/5xxx/CVE-2018-5877.json b/2018/5xxx/CVE-2018-5877.json index 6f272668639..35830935113 100644 --- a/2018/5xxx/CVE-2018-5877.json +++ b/2018/5xxx/CVE-2018-5877.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5877", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Incorrect Calculation of Buffer Size in Boot" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/5xxx/CVE-2018-5912.json b/2018/5xxx/CVE-2018-5912.json index d1f0fb97d87..d549c43048b 100644 --- a/2018/5xxx/CVE-2018-5912.json +++ b/2018/5xxx/CVE-2018-5912.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5912", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow in Video." + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/5xxx/CVE-2018-5916.json b/2018/5xxx/CVE-2018-5916.json index da10280b0f9..8a3ed8b3e67 100644 --- a/2018/5xxx/CVE-2018-5916.json +++ b/2018/5xxx/CVE-2018-5916.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5916", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Exposure in MODEM" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/5xxx/CVE-2018-5917.json b/2018/5xxx/CVE-2018-5917.json index 2a5a7bfccd5..598698f3f23 100644 --- a/2018/5xxx/CVE-2018-5917.json +++ b/2018/5xxx/CVE-2018-5917.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5917", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Possible Buffer Overflow in DRM" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/5xxx/CVE-2018-5918.json b/2018/5xxx/CVE-2018-5918.json index 7261c66eb25..7d59892b044 100644 --- a/2018/5xxx/CVE-2018-5918.json +++ b/2018/5xxx/CVE-2018-5918.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-5918", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Integer Overflow to Buffer Overflow in DRM Trusted Application" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] }