CVE-2017-18279

Summary

Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016.

Affected Software

VendorProductVersion RangeStatus
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearFSM9055affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearFSM9955affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearIPQ4019affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearIPQ8064affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMDM9206affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMDM9607affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMDM9640affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMDM9650affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMSM8909Waffected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearMSM8996AUaffected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9531affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9558affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9563affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9880affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9886affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearQCA9980affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 210/SD 212/SD 205affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 425affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 427affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 430affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 435affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 450affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 615/16/SD 415affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 625affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 650/52affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 800affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 810affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 820affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSD 835affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSDM630affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSDM636affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSDM660affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSDX20affected
Qualcomm Technologies, Inc.Small Cell SoC, Snapdragon Mobile, Snapdragon WearSnapdragon_High_Med_2016affected

Weaknesses

  • CWE680: Integer Overflow to Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References