738 matches found
CVE-2020-11289
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...
Design/Logic Flaw
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...
CVE-2020-11289
CVE-2020-11289 describes an out-of-bounds write in the TZ command handler due to missing validation of the command ID in Qualcomm Snapdragon SoCs. Affected families include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables, and Wired/WAN p...
CVE-2020-11289
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...
Command injection
In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature. This could lead to local escalation of privilege in the TEE, with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...
CVE-2019-14074
u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...
CVE-2019-14074
CVE-2019-14074 describes a heap overflow in the diag command handler caused by missing packet-length validation, affecting numerous Qualcomm Snapdragon platforms (e.g., APQ8009, SDM8xx/9x, and other Snapdragon families). The issue is localized (local attacker) and is described in public CVE listi...
CVE-2019-14074
u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...
CVE-2019-14101
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
CVE-2019-14101
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
CVE-2019-14101
CVE-2019-14101 affects Qualcomm Snapdragon platforms (e.g., Auto, Compute, Connectivity, IOT, Mobile, Wearables) including APQ8009/8096 families and many MSM/SDM/QCS/SXR devices. The vulnerability is an out-of-bounds read in the diag event set mask command handler when the provided length in the ...
CVE-2019-14094
Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...
Integer overflow
Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...
CVE-2019-14094
CVE-2019-14094 describes an integer overflow in the diag command handler when a large value is supplied for the number of tasks in request packets. Affected products are Qualcomm Snapdragon families including Snapdragon Auto, Compute, Connectivity, etc., across numerous SoCs (e.g., APQ8009, APQ80...
CVE-2020-13840
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 MTK chipsets. Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 June 2020...
CVE-2020-13841
An issue was discovered on LG mobile devices with Android OS 9 and 10 MTK chipsets. An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 June 2020...
CVE-2020-13841
An issue was discovered on LG mobile devices with Android OS 9 and 10 MTK chipsets. An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 June 2020...
Buffer overflow
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 MTK chipsets. Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 June 2020...
Command injection
An issue was discovered on LG mobile devices with Android OS 9 and 10 MTK chipsets. An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 June 2020...
CVE-2020-13841
An issue was discovered on LG mobile devices with Android OS 9 and 10 MTK chipsets. An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 June 2020...