Known Vulnerabilities
CVE-2018-11859
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.
CVE-2018-11875
Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850.
CVE-2018-11950
Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850
CVE-2017-18309
A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.
CVE-2018-11951
Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850.
CVE-2017-18143
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled.
CVE-2017-18134
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card.
CVE-2017-18128
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data.