3787 matches found
CVE-2021-30334
CVE-2021-30334 describes a use-after-free in Qualcomm Snapdragon DRM handling caused by a missing null check of DRM file status after the file structure is freed. Affected products include Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Voice & Music, and Wearables. The vuln...
CVE-2021-30281
CVE-2021-30281 concerns an access control error described for Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Voice & Music, Wearables, Wired Infrastructure & Networking). Description states possible unauthorized access to a secure space due to improper c...
CVE-2022-22072
CVE-2022-22072 is a buffer overflow caused by improper validation of NDP application information length in Qualcomm Snapdragon family components (including Auto, Compute, CE Connectivity, CIOT, Industrial IOT, Mobile, Voice & Music) and related WLAN subsystems. The vulnerability is locally exploi...
CVE-2022-22071
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2022-22071
CVE-2022-22071 describes a use-after-free condition in Qualcomm Snapdragon chipsets where process shell memory is freed via IOCTL munmap during initialization. Affected lines include Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, and Voice & Music families. The vuln...
CVE-2022-22068
CVE-2022-22068 affects Qualcomm/ Snapdragon kernel components. The issue arises when a kernel event contains content not generated by NPU software during asynchronous execution, potentially enabling local escalation of privileges with high impact (confidentiality, integrity, and availability all ...
CVE-2022-22068
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2022-22065
Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2022-22065
CVE-2022-22065 is a Qualcomm Snapdragon WLAN-Host vulnerability characterized by an out-of-bounds read due to an improper length check, leading to Denial of Service. The CVE is listed under Qualcomm components for the May 2022 Android security updates as a High-severity WLAN issue. Connected sour...
CVE-2022-22064
Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2021-35098
CVE-2021-35098 describes memory corruption due to improper validation of the session id in the PCM routing process across Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The issue, as documented by NVD and Red Hat, has ...
CVE-2021-35096
CVE-2021-35096 involves improper memory allocation during counter check DLM handling in Qualcomm Snapdragon platforms. Connected sources indicate this affects Snapdragon Auto, Compute, Connectivity, Industrial IOT, and Mobile, with the vulnerability described as a denial of service risk. The core...
CVE-2021-35094
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-35094
CVE-2021-35094 involves Qualcomm components (e.g., QCA family, AQT1000) with an improper validation of timeout-based authentication in identity credentials, which can lead to invalid authorization in HLOS. The issue affects multiple Qualcomm/Qualcomm-supplied platforms including Snapdragon Auto, ...
CVE-2021-35090
CVE-2021-35090 describes a TOC TOU race condition that could cause hypervisor memory corruption when updating address mappings on Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Industrial IOT/ Mobile). Root cause: TOC-Timing-Of-Check/Time-Of-Use race in kernel memory mappings. Impact st...
CVE-2021-35086
Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-35086
CVE-2021-35086 affects Qualcomm Snapdragon components (Auto, Compute, Connectivity, Industrial IOT, Mobile). The root cause is improper validation of the SIB type while processing an NR System Information message, leading to a potential buffer over-read. Public sources consistently describe the v...
CVE-2021-35084
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2021-35079
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-35078
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...