From c291dbb52f7f2987d70d54a2ce71d7c2839228cc Mon Sep 17 00:00:00 2001 From: QC-CNA <41291997+QC-CNA@users.noreply.github.com> Date: Thu, 4 Apr 2019 14:29:49 +0530 Subject: [PATCH] Removed CVE-2017-8252,CVE-2018-11817 and CVE-2018-13917 --- 2017/8xxx/CVE-2017-8252.json | 73 +++++++--------------------------- 2018/11xxx/CVE-2018-11817.json | 73 +++++++--------------------------- 2018/13xxx/CVE-2018-13917.json | 73 +++++++--------------------------- 3 files changed, 45 insertions(+), 174 deletions(-) diff --git a/2017/8xxx/CVE-2017-8252.json b/2017/8xxx/CVE-2017-8252.json index db780eaa535..b40e25d624c 100644 --- a/2017/8xxx/CVE-2017-8252.json +++ b/2017/8xxx/CVE-2017-8252.json @@ -1,62 +1,19 @@ { - "CVE_data_meta": { - "ASSIGNER": "product-security@qualcomm.com", - "ID": "CVE-2017-8252", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8252", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product": { - "product_data": [ - { - "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", - "version": { - "version_data": [ - { - "version_value": "IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130" - } - ] - } - } - ] - }, - "vendor_name": "Qualcomm, Inc." + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Authorization vulnerability in TrustZone" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2", - "refsource": "CONFIRM", - "url": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2" - } - ] - } + ] + } } + diff --git a/2018/11xxx/CVE-2018-11817.json b/2018/11xxx/CVE-2018-11817.json index da0197a392d..437b56ebb3c 100644 --- a/2018/11xxx/CVE-2018-11817.json +++ b/2018/11xxx/CVE-2018-11817.json @@ -1,62 +1,19 @@ { - "CVE_data_meta": { - "ASSIGNER": "product-security@qualcomm.com", - "ID": "CVE-2018-11817", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11817", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product": { - "product_data": [ - { - "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables", - "version": { - "version_data": [ - { - "version_value": "MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX20, SDX24" - } - ] - } - } - ] - }, - "vendor_name": "Qualcomm, Inc." + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "User can offload modules and bypass the android permission model by getting access to the DSP peripherals in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX20, SDX24" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Access Control vulnerability in DSP" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2", - "refsource": "CONFIRM", - "url": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2" - } - ] - } + ] + } } + diff --git a/2018/13xxx/CVE-2018-13917.json b/2018/13xxx/CVE-2018-13917.json index 9ace41cf50c..0a28868b64c 100644 --- a/2018/13xxx/CVE-2018-13917.json +++ b/2018/13xxx/CVE-2018-13917.json @@ -1,62 +1,19 @@ { - "CVE_data_meta": { - "ASSIGNER": "product-security@qualcomm.com", - "ID": "CVE-2018-13917", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13917", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product": { - "product_data": [ - { - "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking,", - "version": { - "version_data": [ - { - "version_value": "IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA8081, QCA9531, QCA9880, QCA9886, QCA9980, QCN5502, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130" - } - ] - } - } - ] - }, - "vendor_name": "Qualcomm, Inc." + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Race condition while handling sockets in kernel can lead to use-after-free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking, in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA8081, QCA9531, QCA9880, QCA9886, QCA9980, QCN5502, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Use After Free vulnerability in sock_rfree module" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2", - "refsource": "CONFIRM", - "url": "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2" - } - ] - } + ] + } } +