3787 matches found
CVE-2020-3646
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...
CVE-2020-3647
CVE-2020-3647 describes a potential buffer overflow in Qualcomm Snapdragon platforms (Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music) when accessing the npu debugfs node “off”/“log” with a large buffer size. The underlying issue is a buffer overflow in ...
CVE-2020-3640
Technical details for CVE-2020-3640 are not publicly provided in the connected documents; they mention the vulnerability description but do not specify affected products, root cause, exploitability, or remediation. Monitor for updates.
CVE-2020-3643
CVE-2020-3643 relates to an information disclosure issue in Snapdragon SoCs (across Snapdragon Auto, Compute, Connectivity, etc.) caused by incomplete teardown of a secure display-touch session. Affected products include a long list of Snapdragon platforms (e.g., APQ8009, MSM89xx, SDM6xx, QCS6xx,...
CVE-2020-3636
CVE-2020-3636 is an out-of-bounds write in the usage_table header access in Qualcomm Snapdragon firmware components (Snapdragon Auto, Compute, Consumer IoT, Mobile, and related SoCs). The root cause is writing beyond the memory allocated for the header when handling the usage_table header entry, ...
CVE-2020-3621
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
CVE-2020-3619
CVE-2020-3619 concerns non-secure memory touched during TrustZone execution on Qualcomm Snapdragon SoCs, potentially enabling local privilege escalation or memory corruption. Affected products span a wide range of Snapdragon families (e.g., APQ8009, APQ8017, APQ8053, APQ8098, IPQ8074, Kamorta, MD...
CVE-2020-3620
u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3619
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2020-11118
u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2020-11118
CVE-2020-11118 is an information-exposure issue tied to processing of IE headers (beacon IE frame) on Qualcomm Snapdragon platforms. The NVD entry lists affected families (Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables, etc.) and a lon...
CVE-2019-14119
CVE-2019-14119 describes a TOCTOU race condition in Snapdragon platforms (Auto, Compute, Connectivity, IoT, Mobile, etc.) triggered while processing the SMCInvoke asynchronous message header. The race modifies the message count and leads to memory corruption, affecting a broad set of Qualcomm/Sna...
CVE-2019-14117
CVE-2019-14117 affects Qualcomm/ Snapdragon drivers (e.g., Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130) where a page list update by a privileged user frees elements but does not delete them from the list, causing a use-after-free in the rmnet driver and...
CVE-2019-14089
CVE-2019-14089 affects Qualcomm Snapdragon platforms (Kamorta, Nicobar, QCS404/610, Rennell, SA5x, SC7x, SDX55, SM6x/7x/8x, SXR2130) in multiple Snapdragon families. The vulnerability concerns Keymaster attestation key and device IDs provisioning, a one-time process that is incorrectly allowed to...
CVE-2019-14065
CVE-2019-14065 is a vulnerability described as a pointer double free in HavenSvc caused by not resetting the freed pointer to NULL. It affects a wide range of Qualcomm-Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Networking) across mul...
CVE-2019-14052
CVE-2019-14052 affects Qualcomm Snapdragon devices (Auto/Compute/Consumer IoT/Industrial IoT/ Mobile/ Wearables, etc.) across numerous SoCs (APQ8xxx, MDM*, MSM*, QCM/QCS, etc.). The issue arises from accessing an uninitialized data structure, which could cause partial copying of contents and lead...
CVE-2019-14052
u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ801...
CVE-2019-13999
CVE-2019-13999 involves a lack of check for integer overflow during round-up and addition, causing memory corruption and potential information leakage on multiple Qualcomm/Snapdragon platforms. The vulnerability affects a wide range of Snapdragon products (Auto, Compute, Connectivity, Consumer El...
CVE-2019-10596
u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...
CVE-2019-10562
CVE-2019-10562 affects Qualcomm Snapdragon families (including IPQ6018, MSM CPUs) with an improper authentication and signature verification of debug policies in the secure boot loader. The root cause is insecure policy loading into secure memory, leading to memory corruption and potential local ...