From 8b18480ce79f16c9e6b822543d6d8afd7b47924e Mon Sep 17 00:00:00 2001 From: Sameesh Mukundan Date: Mon, 29 Oct 2018 13:55:41 +0530 Subject: [PATCH] Qualcomm 10/29/2018 CVE publish --- 2017/18xxx/CVE-2017-18281.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11856.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11857.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11858.json | 50 +++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11859.json | 50 +++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11861.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11862.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11865.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11866.json | 50 +++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11867.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11870.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11871.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11872.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11873.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11874.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11875.json | 50 +++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11876.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11877.json | 50 +++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11879.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11880.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11882.json | 51 ++++++++++++++++++++++++++++++++-- 2018/11xxx/CVE-2018-11884.json | 50 +++++++++++++++++++++++++++++++-- 22 files changed, 1050 insertions(+), 66 deletions(-) diff --git a/2017/18xxx/CVE-2017-18281.json b/2017/18xxx/CVE-2017-18281.json index 9391e37a67f..cf888fd1a6b 100644 --- a/2017/18xxx/CVE-2017-18281.json +++ b/2017/18xxx/CVE-2017-18281.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2017-18281", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", + "version" : { + "version_data" : [ + { + "version_value" : "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Use of Out-of-range Pointer Offset in Video" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.codeaurora.org/security-bulletin/2018/10/01/october-2018-code-aurora-security-bulletin", + "refsource" : "CONFIRM", + "url" : "https://www.codeaurora.org/security-bulletin/2018/10/01/october-2018-code-aurora-security-bulletin" } ] } } + diff --git a/2018/11xxx/CVE-2018-11856.json b/2018/11xxx/CVE-2018-11856.json index 2b3b464ccc1..e757cca4f88 100644 --- a/2018/11xxx/CVE-2018-11856.json +++ b/2018/11xxx/CVE-2018-11856.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11856", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11857.json b/2018/11xxx/CVE-2018-11857.json index 72aeb4df552..58b4bea393b 100644 --- a/2018/11xxx/CVE-2018-11857.json +++ b/2018/11xxx/CVE-2018-11857.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11857", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11858.json b/2018/11xxx/CVE-2018-11858.json index 042bb66b678..222d3168f8d 100644 --- a/2018/11xxx/CVE-2018-11858.json +++ b/2018/11xxx/CVE-2018-11858.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11858", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Possible buffer overwrite in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/11xxx/CVE-2018-11859.json b/2018/11xxx/CVE-2018-11859.json index 90f73ed2193..a1d6be0b877 100644 --- a/2018/11xxx/CVE-2018-11859.json +++ b/2018/11xxx/CVE-2018-11859.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11859", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/11xxx/CVE-2018-11861.json b/2018/11xxx/CVE-2018-11861.json index 3ce2bc151e3..2c8fc39f4d3 100644 --- a/2018/11xxx/CVE-2018-11861.json +++ b/2018/11xxx/CVE-2018-11861.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11861", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11862.json b/2018/11xxx/CVE-2018-11862.json index 7513d4f5dd0..b40e53bf9f0 100644 --- a/2018/11xxx/CVE-2018-11862.json +++ b/2018/11xxx/CVE-2018-11862.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11862", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11865.json b/2018/11xxx/CVE-2018-11865.json index 49ecf358bb9..36557d09714 100644 --- a/2018/11xxx/CVE-2018-11865.json +++ b/2018/11xxx/CVE-2018-11865.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11865", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Integer Overflow to Buffer Overflow in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11866.json b/2018/11xxx/CVE-2018-11866.json index ae5e515be9e..692c1334c1c 100644 --- a/2018/11xxx/CVE-2018-11866.json +++ b/2018/11xxx/CVE-2018-11866.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11866", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Integer Overflow to Buffer Overflow in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/11xxx/CVE-2018-11867.json b/2018/11xxx/CVE-2018-11867.json index 19dd71644bc..a5347f55c67 100644 --- a/2018/11xxx/CVE-2018-11867.json +++ b/2018/11xxx/CVE-2018-11867.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11867", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11870.json b/2018/11xxx/CVE-2018-11870.json index 7a399c18a46..b94964c16dd 100644 --- a/2018/11xxx/CVE-2018-11870.json +++ b/2018/11xxx/CVE-2018-11870.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11870", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11871.json b/2018/11xxx/CVE-2018-11871.json index a4603631cf7..ccad65e9458 100644 --- a/2018/11xxx/CVE-2018-11871.json +++ b/2018/11xxx/CVE-2018-11871.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11871", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version" : { + "version_data" : [ + { + "version_value" : "IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overwrite can happen in WLAN function while processing set pdev paramter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11872.json b/2018/11xxx/CVE-2018-11872.json index 642066c494d..ad75d5195fc 100644 --- a/2018/11xxx/CVE-2018-11872.json +++ b/2018/11xxx/CVE-2018-11872.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11872", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11873.json b/2018/11xxx/CVE-2018-11873.json index f5116d56d75..143111c75fb 100644 --- a/2018/11xxx/CVE-2018-11873.json +++ b/2018/11xxx/CVE-2018-11873.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11873", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11874.json b/2018/11xxx/CVE-2018-11874.json index ec1318ec699..7dba7534587 100644 --- a/2018/11xxx/CVE-2018-11874.json +++ b/2018/11xxx/CVE-2018-11874.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11874", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11875.json b/2018/11xxx/CVE-2018-11875.json index 2406672d758..73b3f6099a1 100644 --- a/2018/11xxx/CVE-2018-11875.json +++ b/2018/11xxx/CVE-2018-11875.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11875", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/11xxx/CVE-2018-11876.json b/2018/11xxx/CVE-2018-11876.json index 483e27103cd..8df86adfd5f 100644 --- a/2018/11xxx/CVE-2018-11876.json +++ b/2018/11xxx/CVE-2018-11876.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11876", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11877.json b/2018/11xxx/CVE-2018-11877.json index cd621fea1cc..e71ff6a2524 100644 --- a/2018/11xxx/CVE-2018-11877.json +++ b/2018/11xxx/CVE-2018-11877.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11877", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } diff --git a/2018/11xxx/CVE-2018-11879.json b/2018/11xxx/CVE-2018-11879.json index a303817464d..6ff05ce712a 100644 --- a/2018/11xxx/CVE-2018-11879.json +++ b/2018/11xxx/CVE-2018-11879.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11879", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 845" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Integer Overflow to Buffer Overflow in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11880.json b/2018/11xxx/CVE-2018-11880.json index 4dae8c75318..5e3e95cfc64 100644 --- a/2018/11xxx/CVE-2018-11880.json +++ b/2018/11xxx/CVE-2018-11880.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11880", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11882.json b/2018/11xxx/CVE-2018-11882.json index ae1831c5652..857217929b7 100644 --- a/2018/11xxx/CVE-2018-11882.json +++ b/2018/11xxx/CVE-2018-11882.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11882", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +34,30 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] } } + diff --git a/2018/11xxx/CVE-2018-11884.json b/2018/11xxx/CVE-2018-11884.json index ff58d5cb846..e12ae40e147 100644 --- a/2018/11xxx/CVE-2018-11884.json +++ b/2018/11xxx/CVE-2018-11884.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "product-security@qualcomm.com", "ID" : "CVE-2018-11884", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Snapdragon Mobile", + "version" : { + "version_data" : [ + { + "version_value" : "SD 835, SD 845, SD 850, SDA660" + } + ] + } + } + ] + }, + "vendor_name" : "Qualcomm, Inc." + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.qualcomm.com/company/product-security/bulletins", + "refsource" : "CONFIRM", + "url" : "https://www.qualcomm.com/company/product-security/bulletins" } ] }