3787 matches found
Input validation
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...
Double free
Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Integer overflow
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
Design/Logic Flaw
Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-30348
CVE-2021-30348 is about improper validation of LLM utility timer availability that can cause a denial-of-service in Qualcomm Snapdragon platforms. The linked records confirm impact across multiple Snapdragon lines (Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Indu...
CVE-2021-30337
CVE-2021-30337 describes a local-use-after-free/double-free vulnerability in Qualcomm/Snapdragon kernel components where process shell memory is freed via an IOCTL during initialization. This can lead to memory corruption with potential impact to confidentiality, integrity, and availability as in...
CVE-2021-30336
Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-30336
CVE-2021-30336 affects Qualcomm Snapdragon components across Auto, Compute, Connectivity, Industrial IoT and Wearables. The vulnerability is a local out-of-bounds read caused by insufficient domain input validation when handling APK close session requests, leading to potential memory corruption w...
CVE-2021-30335
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2021-30293
CVE-2021-30293 describes a possible assertion caused by insufficient input validation in PUSCH configuration on Qualcomm Snapdragon substrates (Auto, Compute, Connectivity, IoT variants). Public records enumerate a Qualcomm-focused vulnerability with CVSS v3.1 base score 7.5 (Network, L, PR:N, UI...
CVE-2021-30293
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...
CVE-2021-30289
CVE-2021-30289 is a buffer overflow risk in Qualcomm Snapdragon components related to COEX management, triggered by processing a DIAG command. Connected sources robustly map affected products to Snapdragon families including Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & ...
CVE-2021-30282
CVE-2021-30282 affects Qualcomm Snapdragon hardware/software components, with a flaw described as an input validation error that fails to validate the number of RAM partitions. This can lead to an out-of-bounds write in the RAM partition table. The vulnerability is associated with multiple Snapdr...
CVE-2021-30279
CVE-2021-30279 is tied to an access control issue caused by improper privilege masking for VMIDs in Qualcomm components. CNNVD notes the vulnerability exists in Qualcomm SDX55 and QCA6390 products, indicating a local privilege elevation possibility via VMID privilege settings. NVD/Red Hat entries...
CVE-2021-30278
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...
CVE-2021-30276
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking...
CVE-2021-30275
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...
CVE-2021-30275
The CVE-2021-30275 issue is an input validation and integer overflow vulnerability in Qualcomm’s closed‑source components across Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity and related SoCs). The root cause is a lack of address/size validation before the page alignment operat...
CVE-2021-30274
CVE-2021-30274 concerns an integer overflow in the access initialization interface due to inadequate size and address validation. The issue is described across multiple sources as affecting Qualcomm/ Qualcomm Snapdragon platforms (including Snapdragon Auto, Compute, Connectivity, and related IoT/...
CVE-2021-30273
Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...