CVE-2019-10539 (ipq8074_firmware, mdm9206_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8996au_firmware, qca6174a_firmware, qca6574_firmware, qca6574au_firmware, qca6584_firmware, qca8081_firmware, qca9379_firmware, qcs404_firmware, qcs405_firmware, qcs605_firmware, qualcomm_215_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_425_firmware, sd_427_firmware, sd_429_firmware, sd_430_firmware, sd_435_firmware, sd_439_firmware, sd_450_firmware, sd_625_firmware, sd_632_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sd_8cx_firmware, sda660_firmware, sdm439_firmware, sdm630_firmware, sdm660_firmware, sdx20_firmware, sdx24_firmware, sxr1130_firmware)

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130

View Full Alert

CVE-2019-2316 (mdm9640_firmware, qcs405_firmware, qcs605_firmware, sd_425_firmware, sd_427_firmware, sd_430_firmware, sd_435_firmware, sd_450_firmware, sd_625_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm660_firmware, sdx24_firmware)
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605,…
CVE-2019-10489 (mdm9206_firmware, mdm9607_firmware, msm8909w_firmware, msm8996au_firmware, qca6574au_firmware, qcs405_firmware, qcs605_firmware, qualcomm_215_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_425_firmware, sd_427_firmware, sd_429_firmware, sd_430_firmware, sd_435_firmware, sd_439_firmware, sd_450_firmware, sd_600_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_632_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sda660_firmware, sdm439_firmware, sdm630_firmware, sdm660_firmware, sdx20_firmware)
Possible null-pointer dereference can occur while parsing avi clip during copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,…
CVE-2018-13897 (mdm9206_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8909w_firmware, msm8996au_firmware, qcs605_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_636_firmware, sd_650_firmware, sd_652_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_855_firmware, sda660_firmware, sdm630_firmware, sdm660_firmware)
Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

Related Posts