October 2019

October 2019 Security Bulletin

Version 1.1

Published: 10/07/2019

This security bulletin is intended to help Qualcomm Technologies, Inc. (QTI) customers incorporate security updates in launched or upcoming devices. This document includes (i) a description of security vulnerabilities that have been addressed in QTI’s proprietary code and (ii) links to related code that has been contributed to Code Aurora Forum (CAF), a Linux Foundation Collaborative Project, to address security vulnerabilities for customers who incorporate Linux-based software from CAF into their devices.

Please reach out to securitybulletin@qti.qualcomm.com for any questions related to this bulletin.

Announcements

We have discontinued publication of the open source public bulletin at https://www.codeaurora.org/security-advisories/security-bulletins. Starting from September 2019, we will have one single monthly bulletin listing both open-source and closed-source vulnerabilities

Acknowledgements

We would like to thank these researchers for their contributions in reporting these issues to us.

CVE-2019-10486, CVE-2019-10503 Pengfei Ding(丁鹏飞) of Huawei Mobile Security Lab
CVE-2019-2302 Gengjia Chen (chengjia4574)
CVE-2019-10566, CVE-2019-2297 Reported to us through Google Android Security team; please see bulletins at https://source.android.com/security/overview/acknowledgements/ for individual credit information. For issues rated medium or lower, the individual credit information may appear in a future Android major release bulletin.
CVE-2019-10617 Michael Bourque
CVE-2019-10627 XiaoyuHe@VARAS
CVE-2019-2289 syssec@kaist
CVE-2019-2318 Wen Guanxing from Pangu LAB

This table summarizes security vulnerabilities that were addressed through proprietary software

Table of Vulnerabilities

Public ID Security Rating Technology Area Date Reported
CVE-2018-13916 Critical KERNEL Internal
CVE-2019-10490 High GPS HLOS Driver Internal
CVE-2019-10617 High Bluetooth HOST 4/16/2019
CVE-2019-10627 Critical Printer Software 8/14/2019
CVE-2019-2251 Critical Boot Internal
CVE-2019-2271 Critical Multi-Mode Call Processor Internal
CVE-2019-2289 Critical Multi-Mode Call Processor 12/27/2018
CVE-2019-2295 High System Debug Internal
CVE-2019-2303 High GERAN Internal
CVE-2019-2315 Critical Content Protection Internal
CVE-2019-2318 High QTEE 12/10/2018
CVE-2019-2329 Critical QTEE Internal
CVE-2019-2335 High Multi-Mode Call Processor Internal
CVE-2019-2336 Critical QTEE Internal
CVE-2019-2339 Critical QTEE Internal

CVE-2018-13916

CVE ID CVE-2018-13916
Title Improper Validation of Array Index in Kernel
Description Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data.
Technology Area KERNEL
Vulnerability Type CWE-680 Integer Overflow to Buffer Overflow
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 01/07/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-10490

CVE ID CVE-2019-10490
Title Use After Free Issue in GPS Module
Description Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places
Technology Area GPS HLOS Driver
Vulnerability Type CWE-416 Use After Free
Access Vector Local
Security Rating High
Date Reported Internal
Customer Notified Date 05/06/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

CVE-2019-10617

CVE ID CVE-2019-10617
Title Permissions, Privileges and Access control Issues in Bluetooth Host
Description Low privilege users can access service configuration which contains registry data that admins uses to create or delete entries in the registry
Technology Area Bluetooth HOST
Vulnerability Type CWE-264 Permissions, Privileges, and Access Controls
Access Vector Local
Security Rating High
Date Reported 4/16/2019
Customer Notified Date 8/28/2019
Affected Chipsets* QCA6174_9377

CVE-2019-10627

CVE ID CVE-2019-10627
Title Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters
Description Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation.
Technology Area Printer Software
Vulnerability Type CWE-680 Integer overflow to buffer overflow
Access Vector Remote
Security Rating Critical
Date Reported 8/14/2019
Customer Notified Date 9/24/2019
Affected Chipsets* PostScript and PDF printers that use IPS versions prior to 2019.2

CVE-2019-2251

CVE ID CVE-2019-2251
Title Buffer Copy Without Checking Size of Input in Boot
Description If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow.
Technology Area Boot
Vulnerability Type CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 01/07/2019
Affected Chipsets* APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVE-2019-2271

CVE ID CVE-2019-2271
Title Improper Validation of Array Index in NAS
Description Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values
Technology Area Multi-Mode Call Processor
Vulnerability Type CWE-126 Buffer Over-read, CWE-129 Improper Validation of Array Index
Access Vector Remote
Security Rating Critical
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-2289

CVE ID CVE-2019-2289
Title Improper Authentication in NAS
Description Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS
Technology Area Multi-Mode Call Processor
Vulnerability Type CWE-287 Improper Authentication
Access Vector Remote
Security Rating Critical
Date Reported 12/27/2018
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-2295

CVE ID CVE-2019-2295
Title Untrusted Pointer Dereference in System Debug
Description Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code.
Technology Area System Debug
Vulnerability Type CWE-822 Untrusted Pointer Dereference
Access Vector Local
Security Rating High
Date Reported Internal
Customer Notified Date 05/06/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, MDM9205, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130

CVE-2019-2303

CVE ID CVE-2019-2303
Title Buffer Over-read Issue in GSNDCP Module
Description SNDCP module may access array out side its boundary when it receives malformed XID message.
Technology Area GERAN
Vulnerability Type CWE-126 Buffer Over-read
Access Vector Remote
Security Rating High
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-2315

CVE ID CVE-2019-2315
Title Permissions, Privileges and Access Controls Issue in Content Protection
Description While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment.
Technology Area Content Protection
Vulnerability Type CWE-264 Permissions, Privileges, and Access Controls
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-2318

CVE ID CVE-2019-2318
Title Buffer Over-read Issue in QTEE
Description Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS
Technology Area QTEE
Vulnerability Type CWE-126 Buffer Over-read
Access Vector Local
Security Rating High
Date Reported 12/10/2018
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016

CVE-2019-2329

CVE ID CVE-2019-2329
Title Use After Free Issue in QTEE
Description Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application.
Technology Area QTEE
Vulnerability Type CWE-416 Use After Free
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

CVE-2019-2335

CVE ID CVE-2019-2335
Title Loop with Unreachable Exit Condition in NAS
Description While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop
Technology Area Multi-Mode Call Processor
Vulnerability Type CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
Access Vector Remote
Security Rating High
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

CVE-2019-2336

CVE ID CVE-2019-2336
Title Use After Free Issue in QTEE
Description Subsequent use of the CBO listener may result in further memory corruption due to use after free issue.
Technology Area QTEE
Vulnerability Type CWE-416 Use After Free
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130

CVE-2019-2339

CVE ID CVE-2019-2339
Title Improper Restriction of Operation Within the Bounds of Memory in QTEE
Description Out of bound access due to lack of check of whiltelist array size while reading the image elf segments.
Technology Area QTEE
Vulnerability Type CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Access Vector Local
Security Rating Critical
Date Reported Internal
Customer Notified Date 04/01/2019
Affected Chipsets* MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

* Data is generated only at the time of bulletin creation

This table summarizes security vulnerabilities that were addressed through open source software located at the corresponding open source project links

Table of Vulnerabilities

Public ID Security Rating Technology Area Date Reported
CVE-2019-10486 Medium Multimedia 11/21/2018
CVE-2019-10503 Medium Multimedia 12/15/2018
CVE-2019-10535 High WLAN HOST Internal
CVE-2019-10563 Medium WLAN HOST Internal
CVE-2019-10565 Medium Camera Driver Internal
CVE-2019-10566 Medium WLAN HOST 09/05/2018
CVE-2019-2266 Medium Camera Driver Internal
CVE-2019-2268 High WLAN HOST Internal
CVE-2019-2297 Medium WLAN HOST 10/30/2018
CVE-2019-2302 Medium WLAN HOST 08/15/2018

CVE-2019-10486

CVE ID CVE-2019-10486
Title Time-of-check Time-of-use Race Condition in Camera
Description Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access
Technology Area Multimedia
Vulnerability Type CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Access Vector Local
Security Rating Medium
Date Reported 11/21/2018
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150
Patch*

CVE-2019-10503

CVE ID CVE-2019-10503
Title Improper Validation of Array Index in Camera
Description Out-of-bounds access can occur in camera driver due to improper validation of array index
Technology Area Multimedia
Vulnerability Type CWE-129 Improper Validation of Array Index
Access Vector Local
Security Rating Medium
Date Reported 12/15/2018
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20
Patch*

CVE-2019-10535

CVE ID CVE-2019-10535
Title Use of Out-of-range Pointer Offset in WLAN HOST
Description Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop
Technology Area WLAN HOST
Vulnerability Type CWE-823 Use of Out-of-range Pointer Offset
Access Vector Local
Security Rating High
Date Reported Internal
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20
Patch*

CVE-2019-10563

CVE ID CVE-2019-10563
Title Buffer Over-read Issue in WLAN HOST
Description Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware
Technology Area WLAN HOST
Vulnerability Type CWE-126 Buffer Over-read
Access Vector Local
Security Rating Medium
Date Reported Internal
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24
Patch*

CVE-2019-10565

CVE ID CVE-2019-10565
Title Double Free Issue in Camera Driver
Description Double free issue can happen when sensor power settings is freed by some thread while another thread try to access.
Technology Area Camera Driver
Vulnerability Type CWE-415 Double Free
Access Vector Local
Security Rating Medium
Date Reported Internal
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130
Patch*

CVE-2019-10566

CVE ID CVE-2019-10566
Title Buffer Copy Without Checking Size of Input in WLAN HOST
Description Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length
Technology Area WLAN HOST
Vulnerability Type CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Access Vector Local
Security Rating Medium
Date Reported 09/05/2018
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130
Patch*

CVE-2019-2266

CVE ID CVE-2019-2266
Title Use After Free Issue in Camera
Description Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence
Technology Area Camera Driver
Vulnerability Type CWE-416 Use After Free
Access Vector Local
Security Rating Medium
Date Reported Internal
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150
Patch*

CVE-2019-2268

CVE ID CVE-2019-2268
Title Buffer Over-read in WLAN
Description Possible OOB read issue in P2P action frames while handling WLAN management frame
Technology Area WLAN HOST
Vulnerability Type CWE-126 Buffer Over-read
Access Vector Remote
Security Rating High
Date Reported Internal
Customer Notified Date 03/04/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150
Patch*

CVE-2019-2297

CVE ID CVE-2019-2297
Title Integer Overflow to Buffer Overflow in WLAN
Description Buffer overflow can occur while processing non-standard NAN message from user space.
Technology Area WLAN HOST
Vulnerability Type CWE-680 Integer Overflow to Buffer Overflow
Access Vector Local
Security Rating Medium
Date Reported 10/30/2018
Customer Notified Date 07/01/2019
Affected Chipsets* APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150
Patch*

CVE-2019-2302

CVE ID CVE-2019-2302
Title Buffer Copy Without Checking Size of Input in WLAN
Description While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow.
Technology Area WLAN HOST
Vulnerability Type CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow'), CWE-680 Integer Overflow to Buffer Overflow
Access Vector Local
Security Rating Medium
Date Reported 08/15/2018
Customer Notified Date 04/01/2019
Affected Chipsets* APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150
Patch*

* Data is generated only at the time of bulletin creation

Industry Coordination

Security ratings of issues included in Android security bulletins and these bulletins match in the most common scenarios but may differ in some cases due to one of the following reasons:

  • Consideration of security protections such as SELinux not enforced on some platforms

     

  • Differences in assessment of some specific scenarios that involves local denial of service or privilege escalation vulnerabilities in the high level OS kernel

Version History

Version Date Comments
1.1 October 7, 2019 Details for CVE-2019-10617 and CVE-2019-10627 added
1.0 October 7, 2019 Bulletin Published

All Qualcomm products mentioned herein are products of Qualcomm Technologies, Inc. and/or its subsidiaries.

Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other product and brand names may be trademarks or registered trademarks of their respective owners.

This technical data may be subject to U.S. and international export, re-export, or transfer (“export”) laws. Diversion contrary to U.S. and international law is strictly prohibited.

See all of our security bulletins