diff --git a/2017/15xxx/CVE-2017-15841.json b/2017/15xxx/CVE-2017-15841.json index c7f69cb3b9d..cf498a3f987 100644 --- a/2017/15xxx/CVE-2017-15841.json +++ b/2017/15xxx/CVE-2017-15841.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-15841", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-15841", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 410/12" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 427" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 435" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 615/16/SD 415" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "Snapdragon_High_Med_2016" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE285: Improper Authorization" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "When HOST sends a Special command ID packet, Controller triggers a RAM Dump and FW reset in Snapdragon Mobile in version SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, Snapdragon_High_Med_2016." } ] } diff --git a/2017/18xxx/CVE-2017-18131.json b/2017/18xxx/CVE-2017-18131.json index 884137e5119..f917a218655 100644 --- a/2017/18xxx/CVE-2017-18131.json +++ b/2017/18xxx/CVE-2017-18131.json @@ -1,17 +1,127 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18131", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18131", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MSM8996AU" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 410/12" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 427" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 435" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 615/16/SD 415" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SD 845" + }, + { + "version_value": "SDM429" + }, + { + "version_value": "SDM439" + }, + { + "version_value": "SDM630" + }, + { + "version_value": "SDM632" + }, + { + "version_value": "SDM636" + }, + { + "version_value": "SDM660" + }, + { + "version_value": "Snapdragon_High_Med_2016" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE823: Use of Out-of-range Pointer Offset" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016." } ] } diff --git a/2017/18xxx/CVE-2017-18156.json b/2017/18xxx/CVE-2017-18156.json index d5604c48c4d..a67d5a7467c 100644 --- a/2017/18xxx/CVE-2017-18156.json +++ b/2017/18xxx/CVE-2017-18156.json @@ -1,17 +1,88 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18156", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18156", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "MSM8996AU" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SDX20" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20." } ] } diff --git a/2017/18xxx/CVE-2017-18157.json b/2017/18xxx/CVE-2017-18157.json index fd2af9c74ee..83ee0eaf3d4 100644 --- a/2017/18xxx/CVE-2017-18157.json +++ b/2017/18xxx/CVE-2017-18157.json @@ -1,17 +1,106 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18157", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18157", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "MSM8909W" + }, + { + "version_value": "MSM8996AU" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 615/16/SD 415" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SD 845" + }, + { + "version_value": "SDX20" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20." } ] } diff --git a/2017/18xxx/CVE-2017-18173.json b/2017/18xxx/CVE-2017-18173.json index 91ccab0fc24..ee7af4e6b5d 100644 --- a/2017/18xxx/CVE-2017-18173.json +++ b/2017/18xxx/CVE-2017-18173.json @@ -1,17 +1,97 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18173", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18173", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 425" + }, + { + "version_value": "SD 427" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 435" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 810" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SDM630" + }, + { + "version_value": "SDM636" + }, + { + "version_value": "SDM660" + }, + { + "version_value": "Snapdragon_High_Med_2016" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE190: Integer Overflow or Wraparound" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016." } ] } diff --git a/2017/18xxx/CVE-2017-18274.json b/2017/18xxx/CVE-2017-18274.json index 1ce4f21623e..e36b05a6e41 100644 --- a/2017/18xxx/CVE-2017-18274.json +++ b/2017/18xxx/CVE-2017-18274.json @@ -1,17 +1,97 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18274", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18274", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 617" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE129: Improper Validation of Array Index" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835" } ] } diff --git a/2017/18xxx/CVE-2017-18275.json b/2017/18xxx/CVE-2017-18275.json index 1a25ad10a86..a2c916e1581 100644 --- a/2017/18xxx/CVE-2017-18275.json +++ b/2017/18xxx/CVE-2017-18275.json @@ -1,17 +1,106 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18275", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18275", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "MSM8909W" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 615/16/SD 415" + }, + { + "version_value": "SD 617" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SD 845" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE284: Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845." } ] } diff --git a/2017/18xxx/CVE-2017-18276.json b/2017/18xxx/CVE-2017-18276.json index 161dcdf0a12..778615ae8f8 100644 --- a/2017/18xxx/CVE-2017-18276.json +++ b/2017/18xxx/CVE-2017-18276.json @@ -1,17 +1,79 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18276", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18276", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SD 845" + }, + { + "version_value": "SD 850" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE284: Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850" } ] } diff --git a/2017/18xxx/CVE-2017-18278.json b/2017/18xxx/CVE-2017-18278.json index 12a3bec9bd3..4a73cdf468a 100644 --- a/2017/18xxx/CVE-2017-18278.json +++ b/2017/18xxx/CVE-2017-18278.json @@ -1,17 +1,100 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18278", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18278", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 820A" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SD 845" + }, + { + "version_value": "SD 850" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE680: Integer Overflow to Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850." } ] } diff --git a/2017/18xxx/CVE-2017-18279.json b/2017/18xxx/CVE-2017-18279.json index 41a2692a112..cc32c165729 100644 --- a/2017/18xxx/CVE-2017-18279.json +++ b/2017/18xxx/CVE-2017-18279.json @@ -1,17 +1,160 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-18279", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-18279", + "ASSIGNER": "product-security@qualcomm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Qualcomm Technologies, Inc.", + "product": { + "product_data": [ + { + "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "FSM9055" + }, + { + "version_value": "FSM9955" + }, + { + "version_value": "IPQ4019" + }, + { + "version_value": "IPQ8064" + }, + { + "version_value": "MDM9206" + }, + { + "version_value": "MDM9607" + }, + { + "version_value": "MDM9640" + }, + { + "version_value": "MDM9650" + }, + { + "version_value": "MSM8909W" + }, + { + "version_value": "MSM8996AU" + }, + { + "version_value": "QCA9531" + }, + { + "version_value": "QCA9558" + }, + { + "version_value": "QCA9563" + }, + { + "version_value": "QCA9880" + }, + { + "version_value": "QCA9886" + }, + { + "version_value": "QCA9980" + }, + { + "version_value": "SD 210/SD 212/SD 205" + }, + { + "version_value": "SD 425" + }, + { + "version_value": "SD 427" + }, + { + "version_value": "SD 430" + }, + { + "version_value": "SD 435" + }, + { + "version_value": "SD 450" + }, + { + "version_value": "SD 615/16/SD 415" + }, + { + "version_value": "SD 625" + }, + { + "version_value": "SD 650/52" + }, + { + "version_value": "SD 800" + }, + { + "version_value": "SD 810" + }, + { + "version_value": "SD 820" + }, + { + "version_value": "SD 835" + }, + { + "version_value": "SDM630" + }, + { + "version_value": "SDM636" + }, + { + "version_value": "SDM660" + }, + { + "version_value": "SDX20" + }, + { + "version_value": "Snapdragon_High_Med_2016" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE680: Integer Overflow to Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016." } ] } diff --git a/2019/3xxx/CVE-2019-3883.json b/2019/3xxx/CVE-2019-3883.json index 1494b3eb28d..439956436c3 100644 --- a/2019/3xxx/CVE-2019-3883.json +++ b/2019/3xxx/CVE-2019-3883.json @@ -58,6 +58,11 @@ "url": "https://pagure.io/389-ds-base/pull-request/50331", "name": "https://pagure.io/389-ds-base/pull-request/50331", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190506 [SECURITY] [DLA 1779-1] 389-ds-base security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00008.html" } ] },