Integer overflow

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

Design/Logic Flaw

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...

Buffer overflow

u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55,...

Design/Logic Flaw

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

Buffer overflow

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956,...

Integer overflow

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR21...

Information disclosure

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting users lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...

CVE-2020-3632

CVE-2020-3632 affects Qualcomm MHI Ring Validation on Snapdragon Compute and Snapdragon Mobile platforms (QSM8350, SC7180, SDX55/55M, SM6150/6250/6250P/7125/7150/7150P/7250/7250P/8150/8150P/8250/8350/8350P; SXR2130/2130P). The root cause is incorrect validation of a ring context fetched from host...

CVE-2020-3632

u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P...

CVE-2020-11207

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956,...

CVE-2020-11205

CVE-2020-11205 refers to an integer overflow leading to heap overflow when processing a command, caused by a missing check of the received packet length. Affected products listed in the CVE description include Snapdragon Auto, Snapdragon Compute, and Snapdragon Mobile platforms (QSM8350, SA6145P,...

CVE-2020-11202

CVE-2020-11202 concerns a buffer overflow/underflow when typecasting a CPU-passed buffer that is not aligned with the target structure size, affecting Qualcomm Snapdragon components across numerous lines (Auto, Compute, Consumer IOT, Industrial IOT, Mobile) including QCM6125, QCS410/603/605/610/6...

CVE-2020-11202

Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603...

CVE-2020-11184

CVE-2020-11184 affects Qualcomm Snapdragon families (e.g., Snapdragon Auto/Compute/Industrial IOT and Snapdragon Mobile across listed SOCs). The issue is a buffer overflow in the video path when parsing an mp4 clip’s esds atom size, which can impact the mp4 parsing component. The CVSS metrics in ...

CVE-2020-11127

CVE-2020-11127 affects Qualcomm Snapdragon firmware components (extensible boot loader) across multiple Snapdragon product lines. The issue is described as an integer overflow that can cause a buffer overflow due to a missing table-length check during validation of security metadata while process...

CVE-2020-11130

CVE-2020-11130 affects Qualcomm Snapdragon WiFi HAL components across multiple Snapdragon families (e.g., QCM4290, SM8250, SDX55, etc.). A root cause is a buffer overflow caused by copying data without validating the destination buffer length, potentially allowing local access to the device memor...

CVE-2020-11121

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X,...

CVE-2020-11123

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting users lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...

CVE-2020-11123

CVE-2020-11123 describes an information disclosure in the gatekeeper TrustZone throttling mechanism that could bypass brute-force protections on lock-screen passwords in Qualcomm Snapdragon-based devices (various APQ/SDM/MDM families). Connected sources confirm it affects Qualcomm closed-source c...

Intel® Visual Compute Accelerator 2 Advisory

Summary: A potential security vulnerability in the Intel® Visual Compute Accelerator 2 may allow escalation of privilege or denial of service. Intel is providing documentation updates to partially mitigate this potential vulnerability. Vulnerability Details CVEID: CVE-2020-8676 Description:...