CVE-2021-35078

CVE-2021-35078 describes a potential memory leak caused by improper validation of the certificate chain length while parsing the server certificate chain in Qualcomm Snapdragon families (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables). Connected sources (P...

CVE-2021-35076

CVE-2021-35076 corresponds to Qualcomm Snapdragon platform issues where a null pointer dereference can occur due to improper validation of the RRC connection reconfiguration message. Affected product families include Snapdragon Auto, Compute, Connectivity, Industrial IOT, and Mobile. The root cau...

CVE-2021-35076

Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-35073

CVE-2021-35073 describes an assertion caused by improper validation of the rank restriction field in Qualcomm Snapdragon components across Snapdragon Auto, Compute, Connectivity, Industrial IOT, and Mobile. The root cause is an input validation issue in the rank restriction, with a high impact (a...

CVE-2022-22090

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVE-2022-22090

CVE-2022-22090 describes a memory corruption (use-after-free) in audio buffering within Qualcomm Snapdragon SoCs (Compute, Connectivity, Mobile) caused by improper handling of buffers from an internal cache. The issue affects Snapdragon audio components and is rooted in use-after-free when managi...

CVE-2022-22087

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-22087

CVE-2022-22087 is a memory corruption/buffer overflow issue in the video parsing path for MKV clips on Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/IoT/Wearables). The root cause is described as a boundary/overflow condition when parsing MKV clips, leading to memory corruption. Affect...

CVE-2022-22086

Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-22086

CVE-2022-22086 is a memory corruption issue due to a double free while parsing a 3gp clip with invalid meta data atoms in Qualcomm Snapdragon components (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables). Affected are Qualcomm Snapdragon products; the root caus...

CVE-2022-22085

CVE-2022-22085 corresponds to memory corruption in the video subsystem due to a buffer overflow when reading the DTS file on Qualcomm Snapdragon family devices (Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The root cause is a buffer over...

CVE-2022-22084

CVE-2022-22084: Memory corruption occurs when extracting qcp audio files due to a missing data-length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). Affected are Qualcomm Snapdragon environments; root cause is...

CVE-2022-22084

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-22083

CVE-2022-22083 describes a denial-of-service caused by memory corruption when extracting the ape header from clips in Qualcomm Snapdragon platforms. Affected components include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and Wearables. The availabl...

CVE-2022-22083

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-22082

CVE-2022-22082 affects Qualcomm Snapdragon families (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). The vulnerability is due to memory corruption caused by a possible buffer overflow while parsing the DSF header with a corrupted channel count, leadin...

CVE-2021-35121

CVE-2021-35121 affects Qualcomm/Snapdragon kernel components, specifically the Synx driver, where an array index is improperly used to lock/unlock a mutex. This leads to a Use-After-Free condition that can be triggered locally, with the CVSS v3.1 vector indicating Local access, Low attack complex...

CVE-2021-35121

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-35120

Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-35119

CVE-2021-35119 relates to a Qualcomm Snapdragon firmware issue across Snapdragon Auto, Compute, Connectivity, Industrial IOT, and Mobile. Root cause: an out-of-bounds read in FIPS event processing caused by improper validation of the firmware length. Impact stated in the CVE: availability impact ...