cvelist/2017/18xxx/CVE-2017-18294.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "product-security@qualcomm.com",
      "ID" : "CVE-2017-18294",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Improper Input Validation in QSEECOM Driver"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components",
            "refsource" : "CONFIRM",
            "url" : "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
         },
         {
            "name" : "https://www.qualcomm.com/company/product-security/bulletins",
            "refsource" : "CONFIRM",
            "url" : "https://www.qualcomm.com/company/product-security/bulletins"
         },
         {
            "name" : "1041432",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1041432"
         }
      ]
   }
}