Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
Vector
LOCAL
Complexity
LOW
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Qualcomm Ipq8074 firmware - (not an official CPE)
Qualcomm Mdm9206 firmware - (not an official CPE)
Qualcomm Mdm9607 firmware - (not an official CPE)
Qualcomm Mdm9635m firmware - (not an official CPE)
Qualcomm Mdm9640 firmware - (not an official CPE)
Qualcomm Mdm9650 firmware - (not an official CPE)
Qualcomm Mdm9655 firmware - (not an official CPE)
Qualcomm Msm8909w firmware - (not an official CPE)
Qualcomm Msm8996au firmware - (not an official CPE)
Qualcomm Sd 205 firmware - (not an official CPE)
Qualcomm Sd 210 firmware - (not an official CPE)
Qualcomm Sd 212 firmware - (not an official CPE)
Qualcomm Sd 410 firmware - (not an official CPE)
Qualcomm Sd 412 firmware - (not an official CPE)
Qualcomm Sd 415 firmware - (not an official CPE)
Qualcomm Sd 425 firmware - (not an official CPE)
Qualcomm Sd 427 firmware - (not an official CPE)
Qualcomm Sd 429 firmware - (not an official CPE)
Qualcomm Sd 430 firmware - (not an official CPE)
Qualcomm Sd 435 firmware - (not an official CPE)
Qualcomm Sd 439 firmware - (not an official CPE)
Qualcomm Sd 450 firmware - (not an official CPE)
Qualcomm Sd 615 firmware - (not an official CPE)
Qualcomm Sd 616 firmware - (not an official CPE)
Qualcomm Sd 625 firmware - (not an official CPE)
Qualcomm Sd 632 firmware - (not an official CPE)
Qualcomm Sd 636 firmware - (not an official CPE)
Qualcomm Sd 650 firmware - (not an official CPE)
Qualcomm Sd 652 firmware - (not an official CPE)
Qualcomm Sd 810 firmware - (not an official CPE)
Qualcomm Sd 820 firmware - (not an official CPE)
Qualcomm Sd 820a firmware - (not an official CPE)
Qualcomm Sd 835 firmware - (not an official CPE)
Qualcomm Sda660 firmware - (not an official CPE)
Qualcomm Sdm439 firmware - (not an official CPE)
Qualcomm Sdm630 firmware - (not an official CPE)
Qualcomm Sdm660 firmware - (not an official CPE)
Qualcomm Sdx24 firmware - (not an official CPE)
Qualcomm Snapdragon high med 2016 firmware - (not an official CPE)
Qualcomm - Ipq8074 firmware
Qualcomm - Mdm9206 firmware
Qualcomm - Mdm9607 firmware
Qualcomm - Mdm9635m firmware
Qualcomm - Mdm9640 firmware
Qualcomm - Mdm9650 firmware
Qualcomm - Mdm9655 firmware
Qualcomm - Msm8909w firmware
Qualcomm - Msm8996au firmware
Qualcomm - Sd 205 firmware
Qualcomm - Sd 210 firmware
Qualcomm - Sd 212 firmware
Qualcomm - Sd 410 firmware
Qualcomm - Sd 412 firmware
Qualcomm - Sd 415 firmware
Qualcomm - Sd 425 firmware
Qualcomm - Sd 427 firmware
Qualcomm - Sd 429 firmware
Qualcomm - Sd 430 firmware
Qualcomm - Sd 435 firmware
Qualcomm - Sd 439 firmware
Qualcomm - Sd 450 firmware
Qualcomm - Sd 615 firmware
Qualcomm - Sd 616 firmware
Qualcomm - Sd 625 firmware
Qualcomm - Sd 632 firmware
Qualcomm - Sd 636 firmware
Qualcomm - Sd 650 firmware
Qualcomm - Sd 652 firmware
Qualcomm - Sd 810 firmware
Qualcomm - Sd 820 firmware
Qualcomm - Sd 820a firmware
Qualcomm - Sd 835 firmware
Qualcomm - Sda660 firmware
Qualcomm - Sdm439 firmware
Qualcomm - Sdm630 firmware
Qualcomm - Sdm660 firmware
Qualcomm - Sdx24 firmware
Qualcomm - Snapdragon high med 2016 firmware
Advisory | Patch | Confirmed | Link |
---|---|---|---|
https://www.qualcomm.com/company/product-security/bullet... | |||
106128 |
Improper Restriction of Operations within the Bounds of a Memory Buffer (ID 119)
Related CAPEC 11
Buffer Overflow via Environment Variables (CAPEC-ID 10)
Overflow Buffers (CAPEC-ID 100)
Client-side Injection-induced Buffer Overflow (CAPEC-ID 14)
Filter Failure through Buffer Overflow (CAPEC-ID 24)
MIME Conversion (CAPEC-ID 42)
Overflow Binary Resource File (CAPEC-ID 44)
Buffer Overflow via Symbolic Links (CAPEC-ID 45)
Overflow Variables and Tags (CAPEC-ID 46)
Buffer Overflow via Parameter Expansion (CAPEC-ID 47)
Buffer Overflow in an API Call (CAPEC-ID 8)
Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9)