3787 matches found
Design/Logic Flaw
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
Input validation
Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...
Design/Logic Flaw
Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
Null pointer dereference
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Buffer overflow
Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
Design/Logic Flaw
While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile,...
CVE-2020-11308
Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2020-11308
CVE-2020-11308 describes a buffer overflow in Qualcomm Snapdragon components (e.g., Snapdragon Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music and related bootloader) triggered while converting ASCII strings to Unicode when the actual size exceeds the required size. Pub...
CVE-2020-11299
CVE-2020-11299 describes a buffer overflow in Qualcomm closed‑source components used in Snapdragon software stacks (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The root cause is a buffer overflow while decoding a non‑standard video clip, which can be tri...
CVE-2020-11290
CVE-2020-11290 is a use-after-free in Qualcomm MSM ioctl event handling caused by a race between ioctl register and deregister. Affected are Snapdragon products including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, and Wearables. The issue stems from contention in the ioctl...
CVE-2020-11290
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
CVE-2020-11230
CVE-2020-11230 involves a potential arbitrary memory corruption in the Qualcomm qseecom kernel interface used for communications between user land and secure world. The issue stems from updating ion buffer physical addresses, which exposes a physical address to user land in Snapdragon Auto/Comput...
CVE-2020-11228
CVE-2020-11228 affects Qualcomm closed‑source components (on Snapdragon platforms) due to an improper policy in the RPM region of xblSec, enabling unprivileged access. The issue is documented across multiple sources (NVD entry and Red Hat advisory) with explicit references to Qualcomm’s security ...
CVE-2020-11228
Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2020-11227
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2020-11226
CVE-2020-11226 concerns a memory-read out-of-bounds vulnerability in Qualcomm closed-source Data modem logic, stemming from a missing offset-length check during unpacking. Affected products span Snapdragon Auto/Compute/Connectivity/IoT lines (Qualcomm closed-source components). The underlying fla...
CVE-2020-11222
CVE-2020-11222 is a buffer over-read in Qualcomm Snapdragon components (Auto, Compute, Connectivity, C IoT, Industrial IoT, IoT, Mobile) triggered when processing MT SMS messages at maximum length due to improper length checking. The vulnerability is described across NVD/Red Hat/PRION/CVE lists a...
CVE-2020-11220
CVE-2020-11220 is a TOCTOU-type issue in processing storage SCM commands where a pointer could be invalid during a specific window in Qualcomm closed-source components used in Snapdragon Auto/Compute/Connectivity/Industrial IOT/Mobile/Wired platforms. The connected documentation confirms the vuln...
CVE-2020-11218
Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11192
CVE-2020-11192 is a Qualcomm closed‑source component vulnerability affecting Snapdragon platforms listed in the initial document (e.g., Snapdragon Auto/Compute/Connectivity, IoT variants). The issue is described as an out-of-bounds write during SDP string parsing caused by a missing null-terminat...