var-201810-0055
Vulnerability from variot
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660. Snapdragon Mobile Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm QCA9379 and others are products of Qualcomm (Qualcomm). Qualcomm QCA9379 is a WiFi module. SD 210, etc. are central processing unit (CPU) products applied to different platforms. Bluetooth controller is one of the Bluetooth controller components. An attacker could exploit this vulnerability to cause memory corruption. The following products (for mobile devices) are affected: Qualcomm QCA9379; SD 210; SD 212; SD 205; SD 625; SD 835; SD 845; SD 850; SDA660
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0055", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sd 205", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 210", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 212", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sda660", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 625", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 835", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 845", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "qca9379", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "sd 850", "scope": "eq", "trust": 1.6, "vendor": "qualcomm", "version": null }, { "model": "qca9379", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 205", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 210", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 212", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 625", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 835", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 845", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sd 850", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null }, { "model": "sda 660", "scope": null, "trust": 0.8, "vendor": "qualcomm", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:qualcomm:qca9379_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-014300" } ] }, "cve": "CVE-2017-18283", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2017-18283", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-109390", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2017-18283", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-18283", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-18283", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201810-1152", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-109390", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2017-18283", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-109390" }, { "db": "VULMON", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660. Snapdragon Mobile Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm QCA9379 and others are products of Qualcomm (Qualcomm). Qualcomm QCA9379 is a WiFi module. SD 210, etc. are central processing unit (CPU) products applied to different platforms. Bluetooth controller is one of the Bluetooth controller components. An attacker could exploit this vulnerability to cause memory corruption. The following products (for mobile devices) are affected: Qualcomm QCA9379; SD 210; SD 212; SD 205; SD 625; SD 835; SD 845; SD 850; SDA660", "sources": [ { "db": "NVD", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "VULHUB", "id": "VHN-109390" }, { "db": "VULMON", "id": "CVE-2017-18283" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-18283", "trust": 2.6 }, { "db": "SECTRACK", "id": "1041432", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2017-014300", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201810-1152", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-109390", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2017-18283", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-109390" }, { "db": "VULMON", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "id": "VAR-201810-0055", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-109390" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T19:27:23.801000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin", "trust": 0.8, "url": "https://www.qualcomm.com/company/product-security/bulletins" }, { "title": "Multiple Qualcomm Snapdragon product Bluethooth controller Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86250" }, { "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9" }, { "title": "SamsungReleaseNotes", "trust": 0.1, "url": "https://github.com/samreleasenotes/SamsungReleaseNotes " } ], "sources": [ { "db": "VULMON", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-109390" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components" }, { "trust": 1.8, "url": "https://www.qualcomm.com/company/product-security/bulletins" }, { "trust": 1.8, "url": "http://www.securitytracker.com/id/1041432" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18283" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18283" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://source.android.com/security/bulletin/2018-08-01.html" }, { "trust": 0.1, "url": "https://github.com/samreleasenotes/samsungreleasenotes" } ], "sources": [ { "db": "VULHUB", "id": "VHN-109390" }, { "db": "VULMON", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-109390" }, { "db": "VULMON", "id": "CVE-2017-18283" }, { "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "db": "NVD", "id": "CVE-2017-18283" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-23T00:00:00", "db": "VULHUB", "id": "VHN-109390" }, { "date": "2018-10-23T00:00:00", "db": "VULMON", "id": "CVE-2017-18283" }, { "date": "2019-01-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "date": "2018-10-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "date": "2018-10-23T13:29:00.977000", "db": "NVD", "id": "CVE-2017-18283" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-03T00:00:00", "db": "VULHUB", "id": "VHN-109390" }, { "date": "2019-10-03T00:00:00", "db": "VULMON", "id": "CVE-2017-18283" }, { "date": "2019-01-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-014300" }, { "date": "2019-10-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-1152" }, { "date": "2024-11-21T03:19:45.930000", "db": "NVD", "id": "CVE-2017-18283" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-1152" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Snapdragon Mobile Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-014300" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-1152" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.