Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Qaulcomm
  • Fsm9055 Firmware
  • Fsm9055
Qualcomm
  • Sd 616
  • Mdm9607 Firmware
  • Sda660 Firmware
  • Mdm9206 Firmware
  • Mdm9206
  • Msm8996au
  • Sd 820a
  • Sd 652
  • Sda660
  • Sd 450 Firmware
  • Sd 616 Firmware
  • Sdx20
  • Msm8909w Firmware
  • Sd 450
  • Sd 212
  • Sd 820a Firmware
  • Sd 425
  • Sd 835
  • Sd 425 Firmware
  • Sd 650 Firmware
  • Sdx20 Firmware
  • Sd 820 Firmware
  • Sd 205 Firmware
  • Sd 430 Firmware
  • Sd 835 Firmware
  • Sd 625
  • Sd 810 Firmware
  • Mdm9607
  • Msm8909w
  • Sd 415 Firmware
  • Sd 615
  • Sd 617 Firmware
  • Sd 652 Firmware
  • Sd 615 Firmware
  • Sd 415
  • Sd 617
  • Sd 210 Firmware
  • Mdm9640
  • Sd 810
  • Msm8996au Firmware
  • Mdm9650
  • Sd 212 Firmware
  • Sd 625 Firmware
  • Sd 430
  • Mdm9640 Firmware
  • Sd 210
  • Sd 650
  • Mdm9650 Firmware
  • Sd 820
  • Sd 205

Configuration 1 [-]

AND
cpe:2.3:o:qaulcomm:fsm9055_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qaulcomm:fsm9055:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
References
Link Resource
http://www.securitytracker.com/id/1041432 Third Party Advisory VDB Entry
https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components Third Party Advisory
https://www.qualcomm.com/company/product-security/bulletins Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2018-10-23T13:00:00

Updated: 2018-10-24T09:57:01

Reserved: 2018-06-15T00:00:00

Link: CVE-2017-18304

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2018-10-23T13:29:02.430

Modified: 2018-12-10T14:52:02.377

Link: CVE-2017-18304

JSON object: View

cve-icon Redhat Information

No data.

CWE