github - ghsa-4vjh-72cp-6gmq

ghsa-4vjh-72cp-6gmq

Vulnerability from github

Published

2022-05-24 16:45

Modified

2024-04-04 00:30

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-18131"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-06T23:29:00Z",
    "severity": "HIGH"
  },
  "details": "In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.",
  "id": "GHSA-4vjh-72cp-6gmq",
  "modified": "2024-04-04T00:30:58Z",
  "published": "2022-05-24T16:45:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18131"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2017-18131 (GCVE-0-2017-18131)

Vulnerability from cvelistv5

Published

2019-05-06 22:19

Modified

2024-08-05 21:13

Severity ?

CWE

CWE823: Use of Out-of-range Pointer Offset

Summary

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.

References

URL

Tags

https://www.qualcomm.com/company/product-security/bulletins

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Qualcomm Technologies Inc.	Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear	Version: MDM9206 Version: MDM9607 Version: MSM8996AU Version: SD 210/SD 212/SD 205 Version: SD 410/12 Version: SD 425 Version: SD 427 Version: SD 430 Version: SD 435 Version: SD 450 Version: SD 615/16/SD 415 Version: SD 625 Version: SD 820 Version: SD 820A Version: SD 835 Version: SD 845 Version: SDM429 Version: SDM439 Version: SDM630 Version: SDM632 Version: SDM636 Version: SDM660 Version: Snapdragon_High_Med_2016

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:48.443Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
          "vendor": "Qualcomm Technologies Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "MDM9206"
            },
            {
              "status": "affected",
              "version": "MDM9607"
            },
            {
              "status": "affected",
              "version": "MSM8996AU"
            },
            {
              "status": "affected",
              "version": "SD 210/SD 212/SD 205"
            },
            {
              "status": "affected",
              "version": "SD 410/12"
            },
            {
              "status": "affected",
              "version": "SD 425"
            },
            {
              "status": "affected",
              "version": "SD 427"
            },
            {
              "status": "affected",
              "version": "SD 430"
            },
            {
              "status": "affected",
              "version": "SD 435"
            },
            {
              "status": "affected",
              "version": "SD 450"
            },
            {
              "status": "affected",
              "version": "SD 615/16/SD 415"
            },
            {
              "status": "affected",
              "version": "SD 625"
            },
            {
              "status": "affected",
              "version": "SD 820"
            },
            {
              "status": "affected",
              "version": "SD 820A"
            },
            {
              "status": "affected",
              "version": "SD 835"
            },
            {
              "status": "affected",
              "version": "SD 845"
            },
            {
              "status": "affected",
              "version": "SDM429"
            },
            {
              "status": "affected",
              "version": "SDM439"
            },
            {
              "status": "affected",
              "version": "SDM630"
            },
            {
              "status": "affected",
              "version": "SDM632"
            },
            {
              "status": "affected",
              "version": "SDM636"
            },
            {
              "status": "affected",
              "version": "SDM660"
            },
            {
              "status": "affected",
              "version": "Snapdragon_High_Med_2016"
            }
          ]
        }
      ],
      "datePublic": "2019-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE823: Use of Out-of-range Pointer Offset",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-06T22:19:31",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2017-18131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "MDM9206"
                          },
                          {
                            "version_value": "MDM9607"
                          },
                          {
                            "version_value": "MSM8996AU"
                          },
                          {
                            "version_value": "SD 210/SD 212/SD 205"
                          },
                          {
                            "version_value": "SD 410/12"
                          },
                          {
                            "version_value": "SD 425"
                          },
                          {
                            "version_value": "SD 427"
                          },
                          {
                            "version_value": "SD 430"
                          },
                          {
                            "version_value": "SD 435"
                          },
                          {
                            "version_value": "SD 450"
                          },
                          {
                            "version_value": "SD 615/16/SD 415"
                          },
                          {
                            "version_value": "SD 625"
                          },
                          {
                            "version_value": "SD 820"
                          },
                          {
                            "version_value": "SD 820A"
                          },
                          {
                            "version_value": "SD 835"
                          },
                          {
                            "version_value": "SD 845"
                          },
                          {
                            "version_value": "SDM429"
                          },
                          {
                            "version_value": "SDM439"
                          },
                          {
                            "version_value": "SDM630"
                          },
                          {
                            "version_value": "SDM632"
                          },
                          {
                            "version_value": "SDM636"
                          },
                          {
                            "version_value": "SDM660"
                          },
                          {
                            "version_value": "Snapdragon_High_Med_2016"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm Technologies Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE823: Use of Out-of-range Pointer Offset"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2017-18131",
    "datePublished": "2019-05-06T22:19:31",
    "dateReserved": "2018-02-05T00:00:00",
    "dateUpdated": "2024-08-05T21:13:48.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.