Vulnerabilites related to qualcomm - msm8974
Vulnerability from fkie_nvd
Published
2021-05-07 09:15
Modified
2024-11-21 04:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E79D48-F105-4D64-8C8F-88FE0345F5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8074:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51221D96-CF0A-431B-AFEE-E08D8A5BF943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8084:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC2E532-1298-4B43-9EF8-AE37E1338EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:apq8094:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20239319-ACA6-4249-815D-C10D5E39A16A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140FD423-FAC4-4D2D-BCFF-511E0AE8CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53F4B19E-78D9-4721-BF1E-C0330888EE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8215m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF1E79B5-B3B1-4184-8774-A83629129190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm8615m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3CB673-B24C-4594-893B-C582E94AB2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF064C7D-4BB8-419E-A9A2-DD75CD31FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9235m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2306EA19-4EF3-40C1-ADF7-F7137A732C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF11BFFD-C16A-4999-9497-6D89B8F9A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9609:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9F2427-BCDB-45C9-AECE-6DFE5A3C3AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DF4D4E-CDAA-42BB-802E-2722E7F3DBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9615m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5E4BD0-32E1-422E-A841-969FA8D5AC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB323C15-2018-4CB8-858E-56F088B03FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8F856B-70D7-4A1A-8257-90AAAE62CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57963412-14B9-4C0D-AA0D-6928445DB808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF54A14-FDCD-445F-9F51-4AAAA17C392D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FBCA5AB-07E4-404E-A278-28F6004D2126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD07E12-75FA-40DD-8200-75BF926378C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8274:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78BAD27-17D6-4072-BCC2-176F7F037076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDED3AA7-576C-4437-A466-D627698F4242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8674:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDAF8F0-1A78-4C23-A3A7-4188C264130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17B34A04-C686-4EC5-8B1C-53A7A5C3B19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8929:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BA466C-EB61-4C03-BF3E-A18448E6326D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8939:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA7A79E-0F04-41E6-8E37-49B2977D92B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8974:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA70411-0E39-431C-99C6-F6632C94CCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8974p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB59C43D-637A-4E04-AB3C-62071388453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:msm8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "916FAB3E-67C7-4C97-9717-D1507C33323C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E1D946-4EC1-493F-B9AE-0646D86E5483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068BA3D0-4E7C-435D-9C5D-8015164E81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2950D103-C664-44CE-86FC-49A03861441F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDA1620-8FFC-4DF4-9CBC-188D21581CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8941:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACA25D6-35BF-460F-8A33-8C0975CAC31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pm8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12E3B29A-2A7E-466F-B081-E105352B16FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmd9635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D94C9DD-08B2-44A4-B789-F9B9D51E7F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmd9645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F95D237E-FF3D-497B-AC48-FBAEFD4481BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:pmi8994:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB63FC0F-DCE3-4F34-8851-3EEBCB52E39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca1990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9136B88F-3C3D-471F-8589-CA0BA4473B4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AD8F5C-1FEB-45C2-BC8F-123C2BEB0EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0C9ED5-27E3-48EC-9A05-862715EE2034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1035:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA96119-0D78-4670-8B22-AD5AEE2C30B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED257DFF-994C-4CD9-96AA-AFE5F15AE929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1045:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15FC09F3-32D6-4FA3-B93F-917B6448B541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1B240-1B14-4C24-8D0A-30C1A76AB687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFFE5FE-1217-45A8-97AB-8CFF9681E4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "673C190F-A55B-4F25-A8F6-2CB5FB5041AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe1550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6793E84B-9F25-420F-8CD4-50BFD7E0947E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0862428-695F-4445-AD89-536376E57E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "192EE890-B7E9-4E06-873A-BD84FBB41B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D122C155-690C-4E3D-9725-1073F72AFB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD27B2D-E6B7-4F01-9B07-D64370EC539C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E73C00-29F6-42C9-9AE0-70B373D9679C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F58DA0F-88A4-4C88-A1A4-0455584D8BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC33174B-9D45-4C82-BDC1-A60B085A4513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe2720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D08FE4FD-59EA-4FBC-A254-99B03E1EC582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A6D656-2A27-4F9F-A3BD-80ADD4141716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD1BAE7-58B8-45E5-9CB7-D337BF4F9597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3335:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B890E12C-EE5F-4A93-AAED-CF68949243DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7255B9DD-58B2-4211-B999-558EAE484B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:qfe3345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF9AD63-E29A-4719-BF61-FF6AF65AFB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75C7497-A7DC-436B-BACD-71F69D99517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1D7205-33E9-452B-BECD-F551801071DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C69B9-F0AB-4BF5-A8C2-64FEB7075593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34D7240B-DCB4-4BF4-94C7-13EBECA62D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3CAD26-4EFA-4A37-9776-01CDB173C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B612B044-C7D1-4662-AB2A-5400E34A3CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wfr1620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4346F2B3-269F-4B14-A305-708847DB2F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DA4BC4-C634-4F62-A49E-5AD8F4FD4672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0424E316-C8EE-420A-8861-F3E7FE178170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1605l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD356D66-BCC8-4235-8EA3-934D5D2A7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A547E51D-9A43-4BC5-B11F-E3E5403D779C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr1625l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9C4823-EEF4-4D65-84DF-3159093B0745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr2605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD196F3-B527-4493-A46E-F85C2F127A93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr2955:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5516E6E3-D8DA-4172-A059-503B369E2034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27666130-DB04-457F-A968-3919FD5314BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr4605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "863053C1-5C53-4ABB-B494-F4DC01CFDB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:qualcomm:wtr4905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A503AA01-CFD9-42D5-81D6-2F13E5DDA9A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
},
{
"lang": "es",
"value": "Un potencial reinicio de UE al decodificar un Sib1 o SIB1 dise\u00f1ado que programa los SIB no compatibles y puede conllevar a una denegaci\u00f3n de servicio en los productos Snapdragon Auto, Snapdragon Mobile"
}
],
"id": "CVE-2020-11268",
"lastModified": "2024-11-21T04:57:34.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "product-security@qualcomm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-07T09:15:07.773",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-18 14:29
Modified
2024-11-21 02:39
Severity ?
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| product-security@qualcomm.com | http://www.securityfocus.com/bid/103671 | Third Party Advisory, VDB Entry | |
| product-security@qualcomm.com | https://source.android.com/security/bulletin/2018-04-01 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103671 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2018-04-01 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qualcomm | msm8974_firmware | - | |
| qualcomm | msm8974 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:msm8974_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6755E875-E24B-444C-8CD8-7CAA78A30773",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:msm8974:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA70411-0E39-431C-99C6-F6632C94CCB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
},
{
"lang": "es",
"value": "En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile MSM8974, la falta de comprobaci\u00f3n de longitud en OEMCrypto_DeriveKeysFromSessionKey() podr\u00eda conducir a una vulnerabilidad de desbordamiento de b\u00fafer."
}
],
"id": "CVE-2015-9179",
"lastModified": "2024-11-21T02:39:58.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-18T14:29:06.777",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103671"
},
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-9179
Vulnerability from cvelistv5
Published
2018-04-18 14:00
Modified
2024-09-16 22:30
Severity ?
EPSS score ?
Summary
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2018-04-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/103671 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Mobile |
Version: MSM8974 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:43:41.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MSM8974"
}
]
}
],
"datePublic": "2018-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer over-read vulnerability in QTEE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T09:57:01",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "MSM8974"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer over-read vulnerability in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2015-9179",
"datePublished": "2018-04-18T14:00:00Z",
"dateReserved": "2017-08-16T00:00:00",
"dateUpdated": "2024-09-16T22:30:57.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-11268
Vulnerability from cvelistv5
Published
2021-05-07 09:10
Modified
2024-08-04 11:28
Severity ?
EPSS score ?
Summary
Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Mobile |
Version: APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation in LTE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-07T09:10:31",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2020-11268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Auto, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile"
}
]
},
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation in LTE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2020-11268",
"datePublished": "2021-05-07T09:10:31",
"dateReserved": "2020-03-31T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201804-0075
Vulnerability from variot
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability. Qualcomm Snapdragon Mobile MSM8974 Run on Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MSM8974 is a central processing unit (CPU) product of Qualcomm (Qualcomm). There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions before 2018-04-05. The vulnerability is caused by the lack of length detection in the 'OEMCrypto_DeriveKeysFromSessionKey()' function. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request. The following product (used in mobile devices) is affected: Qualcomm MSM8974
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8974",
"scope": "eq",
"trust": 1.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8974",
"scope": "eq",
"trust": 0.8,
"vendor": "qualcomm",
"version": "firmware"
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "103671"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:qualcomm:msm8974",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "103671"
}
],
"trust": 0.3
},
"cve": "CVE-2015-9179",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-9179",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-87140",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-9179",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-9179",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-9179",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-974",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-87140",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-9179",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability. Qualcomm Snapdragon Mobile MSM8974 Run on Android Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to multiple unspecified security vulnerabilities. \nLittle is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). Qualcomm MSM8974 is a central processing unit (CPU) product of Qualcomm (Qualcomm). There is a buffer overflow vulnerability in Qualcomm closed-source components in Android versions before 2018-04-05. The vulnerability is caused by the lack of length detection in the \u0027OEMCrypto_DeriveKeysFromSessionKey()\u0027 function. A remote attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially crafted request. The following product (used in mobile devices) is affected: Qualcomm MSM8974",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-9179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "BID",
"id": "103671"
},
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "VULMON",
"id": "CVE-2015-9179"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-9179",
"trust": 2.9
},
{
"db": "BID",
"id": "103671",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-87140",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-9179",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"db": "BID",
"id": "103671"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"id": "VAR-201804-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-87140"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:39:22.588000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 4 \u6708",
"trust": 0.8,
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"title": "Android Qualcomm Fixes for closed source component buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80330"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/103671"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-9179"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-9179"
},
{
"trust": 0.3,
"url": "http://code.google.com/android/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://source.android.com/security/bulletin/2018-04-01.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"db": "BID",
"id": "103671"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-87140"
},
{
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"db": "BID",
"id": "103671"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-18T00:00:00",
"db": "VULHUB",
"id": "VHN-87140"
},
{
"date": "2018-04-18T00:00:00",
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"date": "2018-04-05T00:00:00",
"db": "BID",
"id": "103671"
},
{
"date": "2018-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"date": "2018-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"date": "2018-04-18T14:29:06.777000",
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-87140"
},
{
"date": "2018-05-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-9179"
},
{
"date": "2018-04-05T00:00:00",
"db": "BID",
"id": "103671"
},
{
"date": "2018-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003863"
},
{
"date": "2018-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-974"
},
{
"date": "2024-11-21T02:39:58.623000",
"db": "NVD",
"id": "CVE-2015-9179"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Qualcomm Snapdragon Mobile MSM8974 Run on Android Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003863"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-974"
}
],
"trust": 0.6
}
}
var-201702-0012
Vulnerability from variot
Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. Samsumgandroidphone is a series of mobile phones based on the Android platform developed by South Korea's Samsung. There is a memory corruption vulnerability in the smsm_sensor_config' function in the v4l-subdev driver of samsumgandroidphone. This vulnerability is caused by the failure to perform boundary checking when the program writes gpio_config.gpio_name as an index to the buffer. An attacker could exploit this vulnerability to cause memory corruption. Samsung is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "apq8084",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8974",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8974pro",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "samsumg android phone",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:qualcomm:apq8084",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:qualcomm:msm8974",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:qualcomm:msm8974pro",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:samsung:mobile",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Berry Cheng.",
"sources": [
{
"db": "BID",
"id": "86366"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4038",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4038",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-02627",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2016-4038",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4038",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-4038",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-02627",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-370",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. Samsumgandroidphone is a series of mobile phones based on the Android platform developed by South Korea\u0027s Samsung. There is a memory corruption vulnerability in the smsm_sensor_config\u0027 function in the v4l-subdev driver of samsumgandroidphone. This vulnerability is caused by the failure to perform boundary checking when the program writes gpio_config.gpio_name as an index to the buffer. An attacker could exploit this vulnerability to cause memory corruption. Samsung is prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4038",
"trust": 3.3
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/04/18/8",
"trust": 3.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/04/17/2",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-02627",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370",
"trust": 0.6
},
{
"db": "BID",
"id": "86366",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"id": "VAR-201702-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
}
]
},
"last_update_date": "2024-11-23T22:49:09Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2015-4958: msm_sensor_config security issues",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016"
},
{
"title": "Samsumgandroidphonev4l-subdev driver memory corruption vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/74785"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.openwall.com/lists/oss-security/2016/04/18/8"
},
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2016"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/04/17/2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4038"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4038"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"date": "2016-04-17T00:00:00",
"db": "BID",
"id": "86366"
},
{
"date": "2017-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"date": "2016-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"date": "2017-02-01T15:59:00.223000",
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"date": "2016-04-17T00:00:00",
"db": "BID",
"id": "86366"
},
{
"date": "2017-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"date": "2017-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-370"
},
{
"date": "2024-11-21T02:51:12.880000",
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "With certain Qualcomm chipsets Android Equipped with Samsung Device vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
],
"trust": 0.6
}
}