Sxr2130 Firmware Security Vulnerabilities
Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017,...
9.8CVSS
9.5AI Score
0.003EPSS
Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ...
9.8CVSS
9.3AI Score
0.002EPSS
Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845, SM8150, SM8250, SXR2130
9.8CVSS
9.3AI Score
0.003EPSS
u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon W...
9.8CVSS
9.4AI Score
0.003EPSS
Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8...
5.5CVSS
6.2AI Score
0.0004EPSS
Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCM...
7.8CVSS
7.8AI Score
0.0004EPSS
u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...
5.5CVSS
6.7AI Score
0.0004EPSS
u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...
7.8CVSS
7.7AI Score
0.0004EPSS
Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in A...
9.8CVSS
9.6AI Score
0.003EPSS
u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastruct...
7.8CVSS
7.6AI Score
0.0004EPSS
u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Agatti, Kamorta, Nicoba...
9.8CVSS
9.6AI Score
0.003EPSS
u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053...
7.8CVSS
7.8AI Score
0.0004EPSS
u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130
7.8CVSS
7.8AI Score
0.0004EPSS
Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...
9.8CVSS
9.3AI Score
0.002EPSS
Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voic...
9.8CVSS
9.4AI Score
0.003EPSS
Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & ...
7.5CVSS
7.1AI Score
0.002EPSS
Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130
7.8CVSS
7.9AI Score
0.0004EPSS
u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent to InvalidConnectionRequest(CVE-2019-19193) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdra...
7.5CVSS
6.7AI Score
0.001EPSS
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
7.5CVSS
7AI Score
0.001EPSS
Assertion occurs while processing Reconfiguration message due to improper validation
7.5CVSS
7.5AI Score
0.001EPSS
information disclosure due to cryptographic issue in Core during RPMB read request.
7.1CVSS
5.2AI Score
0.0004EPSS
Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Linux android due to double free while calling unregister provider after register call.
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to double free in core while initializing the encryption key.
9.3CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
7.9CVSS
8AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
9.3CVSS
7.9AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
7.3CVSS
5.6AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
9.3CVSS
9AI Score
0.0004EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8CVSS
6.8AI Score
0.001EPSS
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
7.8CVSS
8AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
8.4CVSS
7.6AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
8.2CVSS
7.4AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to double free in Core while mapping HLOS address to the list.
8.4CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.
7.5CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.1CVSS
5.4AI Score
0.0004EPSS
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
6.2CVSS
5.4AI Score
0.0004EPSS
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
7.5CVSS
7.6AI Score
0.001EPSS
6.2CVSS
5.4AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
9.8CVSS
9.4AI Score
0.001EPSS
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
7.8CVSS
7.5AI Score
0.0004EPSS