Vulnerabilites related to qualcomm - msm8974
CVE-2015-9179 (GCVE-0-2015-9179)
Vulnerability from cvelistv5
Published
2018-04-18 14:00
Modified
2024-09-16 22:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer over-read vulnerability in QTEE
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Mobile |
Version: MSM8974 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:43:41.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MSM8974"
}
]
}
],
"datePublic": "2018-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer over-read vulnerability in QTEE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T09:57:01",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "MSM8974"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer over-read vulnerability in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2015-9179",
"datePublished": "2018-04-18T14:00:00Z",
"dateReserved": "2017-08-16T00:00:00",
"dateUpdated": "2024-09-16T22:30:57.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11268 (GCVE-0-2020-11268)
Vulnerability from cvelistv5
Published
2021-05-07 09:10
Modified
2024-08-04 11:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Input Validation in LTE
Summary
Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Mobile |
Version: APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation in LTE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-07T09:10:31",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2020-11268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Auto, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
}
]
},
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation in LTE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2020-11268",
"datePublished": "2021-05-07T09:10:31",
"dateReserved": "2020-03-31T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-04-18 14:29
Modified
2024-11-21 02:39
Severity ?
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| product-security@qualcomm.com | http://www.securityfocus.com/bid/103671 | Third Party Advisory, VDB Entry | |
| product-security@qualcomm.com | https://source.android.com/security/bulletin/2018-04-01 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103671 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2018-04-01 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qualcomm | msm8974_firmware | - | |
| qualcomm | msm8974 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:msm8974_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6755E875-E24B-444C-8CD8-7CAA78A30773",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:msm8974:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA70411-0E39-431C-99C6-F6632C94CCB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
},
{
"lang": "es",
"value": "En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile MSM8974, la falta de comprobaci\u00f3n de longitud en OEMCrypto_DeriveKeysFromSessionKey() podr\u00eda conducir a una vulnerabilidad de desbordamiento de b\u00fafer."
}
],
"id": "CVE-2015-9179",
"lastModified": "2024-11-21T02:39:58.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-18T14:29:06.777",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103671"
},
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-07 09:15
Modified
2024-11-21 04:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E79D48-F105-4D64-8C8F-88FE0345F5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8074:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51221D96-CF0A-431B-AFEE-E08D8A5BF943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8084:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC2E532-1298-4B43-9EF8-AE37E1338EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8094:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20239319-ACA6-4249-815D-C10D5E39A16A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140FD423-FAC4-4D2D-BCFF-511E0AE8CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53F4B19E-78D9-4721-BF1E-C0330888EE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8215m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF1E79B5-B3B1-4184-8774-A83629129190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8615m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3CB673-B24C-4594-893B-C582E94AB2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF064C7D-4BB8-419E-A9A2-DD75CD31FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9235m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2306EA19-4EF3-40C1-ADF7-F7137A732C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF11BFFD-C16A-4999-9497-6D89B8F9A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9609:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9F2427-BCDB-45C9-AECE-6DFE5A3C3AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DF4D4E-CDAA-42BB-802E-2722E7F3DBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9615m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5E4BD0-32E1-422E-A841-969FA8D5AC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB323C15-2018-4CB8-858E-56F088B03FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8F856B-70D7-4A1A-8257-90AAAE62CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57963412-14B9-4C0D-AA0D-6928445DB808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF54A14-FDCD-445F-9F51-4AAAA17C392D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FBCA5AB-07E4-404E-A278-28F6004D2126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD07E12-75FA-40DD-8200-75BF926378C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8274:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78BAD27-17D6-4072-BCC2-176F7F037076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDED3AA7-576C-4437-A466-D627698F4242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8674:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDAF8F0-1A78-4C23-A3A7-4188C264130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17B34A04-C686-4EC5-8B1C-53A7A5C3B19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8929:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BA466C-EB61-4C03-BF3E-A18448E6326D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8939:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA7A79E-0F04-41E6-8E37-49B2977D92B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8974:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA70411-0E39-431C-99C6-F6632C94CCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8974p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB59C43D-637A-4E04-AB3C-62071388453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "916FAB3E-67C7-4C97-9717-D1507C33323C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E1D946-4EC1-493F-B9AE-0646D86E5483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068BA3D0-4E7C-435D-9C5D-8015164E81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2950D103-C664-44CE-86FC-49A03861441F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDA1620-8FFC-4DF4-9CBC-188D21581CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8941:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACA25D6-35BF-460F-8A33-8C0975CAC31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12E3B29A-2A7E-466F-B081-E105352B16FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmd9635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D94C9DD-08B2-44A4-B789-F9B9D51E7F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmd9645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F95D237E-FF3D-497B-AC48-FBAEFD4481BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmi8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB63FC0F-DCE3-4F34-8851-3EEBCB52E39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca1990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9136B88F-3C3D-471F-8589-CA0BA4473B4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AD8F5C-1FEB-45C2-BC8F-123C2BEB0EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0C9ED5-27E3-48EC-9A05-862715EE2034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1035:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA96119-0D78-4670-8B22-AD5AEE2C30B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED257DFF-994C-4CD9-96AA-AFE5F15AE929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1045:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15FC09F3-32D6-4FA3-B93F-917B6448B541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1B240-1B14-4C24-8D0A-30C1A76AB687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFFE5FE-1217-45A8-97AB-8CFF9681E4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "673C190F-A55B-4F25-A8F6-2CB5FB5041AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6793E84B-9F25-420F-8CD4-50BFD7E0947E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0862428-695F-4445-AD89-536376E57E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "192EE890-B7E9-4E06-873A-BD84FBB41B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D122C155-690C-4E3D-9725-1073F72AFB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD27B2D-E6B7-4F01-9B07-D64370EC539C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E73C00-29F6-42C9-9AE0-70B373D9679C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F58DA0F-88A4-4C88-A1A4-0455584D8BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC33174B-9D45-4C82-BDC1-A60B085A4513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D08FE4FD-59EA-4FBC-A254-99B03E1EC582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A6D656-2A27-4F9F-A3BD-80ADD4141716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD1BAE7-58B8-45E5-9CB7-D337BF4F9597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3335:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B890E12C-EE5F-4A93-AAED-CF68949243DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7255B9DD-58B2-4211-B999-558EAE484B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF9AD63-E29A-4719-BF61-FF6AF65AFB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75C7497-A7DC-436B-BACD-71F69D99517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1D7205-33E9-452B-BECD-F551801071DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C69B9-F0AB-4BF5-A8C2-64FEB7075593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34D7240B-DCB4-4BF4-94C7-13EBECA62D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3CAD26-4EFA-4A37-9776-01CDB173C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B612B044-C7D1-4662-AB2A-5400E34A3CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wfr1620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4346F2B3-269F-4B14-A305-708847DB2F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DA4BC4-C634-4F62-A49E-5AD8F4FD4672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0424E316-C8EE-420A-8861-F3E7FE178170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1605l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD356D66-BCC8-4235-8EA3-934D5D2A7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A547E51D-9A43-4BC5-B11F-E3E5403D779C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1625l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9C4823-EEF4-4D65-84DF-3159093B0745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr2605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD196F3-B527-4493-A46E-F85C2F127A93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr2955:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5516E6E3-D8DA-4172-A059-503B369E2034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27666130-DB04-457F-A968-3919FD5314BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr4605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "863053C1-5C53-4ABB-B494-F4DC01CFDB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr4905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A503AA01-CFD9-42D5-81D6-2F13E5DDA9A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
},
{
"lang": "es",
"value": "Un potencial reinicio de UE al decodificar un Sib1 o SIB1 dise\u00f1ado que programa los SIB no compatibles y puede conllevar a una denegaci\u00f3n de servicio en los productos Snapdragon Auto, Snapdragon Mobile"
}
],
"id": "CVE-2020-11268",
"lastModified": "2024-11-21T04:57:34.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "product-security@qualcomm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-07T09:15:07.773",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}