Sdx57m Firmware Security Vulnerabilities
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
8.4CVSS
7.7AI Score
0.001EPSS
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...
9CVSS
7.4AI Score
0.0004EPSS
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastru...
9.3CVSS
8.8AI Score
0.0004EPSS
Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
7.8CVSS
7.7AI Score
0.0004EPSS
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Network...
8.4CVSS
7.8AI Score
0.0004EPSS
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networ...
9.3CVSS
7.8AI Score
0.0004EPSS
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking
9.3CVSS
7.6AI Score
0.0004EPSS
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
7.8CVSS
7.7AI Score
0.0004EPSS
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wear...
8.4CVSS
7.6AI Score
0.0004EPSS
Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
9.3CVSS
8.6AI Score
0.0004EPSS
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9CVSS
5.8AI Score
0.0004EPSS
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...
8.2CVSS
6.8AI Score
0.0004EPSS
Assertion occurs while processing Reconfiguration message due to improper validation
7.5CVSS
7.5AI Score
0.001EPSS
information disclosure due to cryptographic issue in Core during RPMB read request.
7.1CVSS
5.2AI Score
0.0004EPSS
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
8.4CVSS
7.7AI Score
0.0004EPSS
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
7.1CVSS
6.8AI Score
0.0004EPSS
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4CVSS
7.9AI Score
0.0004EPSS
Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
7.5CVSS
7.5AI Score
0.001EPSS
Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
7.5CVSS
7.5AI Score
0.001EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...
8.4CVSS
8AI Score
0.0004EPSS
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
7.8CVSS
8AI Score
0.0004EPSS
6.2CVSS
5.5AI Score
0.0004EPSS
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
8.1CVSS
7.6AI Score
0.0004EPSS
8.8CVSS
9.3AI Score
0.001EPSS
Memory corruption due to double free in core while initializing the encryption key.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.
7.5CVSS
7.5AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to improper validation of array index in Multi-mode call processor.
9.8CVSS
9.6AI Score
0.001EPSS
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
9.3CVSS
7AI Score
0.0004EPSS
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
7.9CVSS
8AI Score
0.001EPSS
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
9.3CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
7.5CVSS
5.7AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
7.3CVSS
5.6AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
9.3CVSS
9AI Score
0.0004EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8CVSS
6.8AI Score
0.001EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.
7.5CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to double free in Core while mapping HLOS address to the list.
8.4CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.
7.5CVSS
7.4AI Score
0.001EPSS