358 matches found
PT-2021-1512 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.6 Description: An issue was discovered in the Linux kernel where the fastrpc internal invoke function in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages. This coul...
CVE-2020-11277
Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile...
Race condition
Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11277
CVE-2020-11277 describes a race condition in Qualcomm/Snapdragon platforms (Compute, Industrial IoT, Mobile) during an async fastrpc session: the fastrpc context can be freed after sending an RPC, creating a potential vulnerability during async processing. The provided sources (Red Hat advisory a...
Qualcomm Dsp Service Resource Management Error Vulnerability
Qualcomm Dsp Service is a digital signal processor from Qualcomm Incorporated that meets the needs of mobile platforms for multimedia and modem functionality, deep embedded processing. A security vulnerability exists in Qualcomm Dsp Service that arises from the fastrpc ctx being free during an...
CVE-2020-11206
Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610,...
Buffer overflow
Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610,...
CVE-2020-11206
CVE-2020-11206 describes a possible buffer overflow in Qualcomm’s Fastrpc when handling received parameters due to insufficient input validation. Affected devices span Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, and Mobile families, including APQ8098 through SM8350P variants. Root cau...
CVE-2020-11206
Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610,...
PT-2020-12595 · Qualcomm · Snapdragon Auto +5
Name of the Vulnerable Software and Affected Versions: Snapdragon Auto versions APQ8098 through SM8350P Snapdragon Compute versions APQ8098 through SM8350P Snapdragon Consumer IOT versions APQ8098 through SM8350P Snapdragon Industrial IOT versions APQ8098 through SM8350P Snapdragon Mobile version...
Race condition
u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wir...
CVE-2020-11173
CVE-2020-11173 describes a race condition caused by two threads running from user space in Qualcomm/ Snapdragon fastRPC driver. Public records show this vulnerability as affecting Qualcomm Kernel components with high severity (local) and is listed in CVE-2020-11173 across multiple vendor advisori...
Race condition
A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, QCS605, QM215, SA415M, SDM429, SDM429W, SDM439...
CVE-2020-3680
CVE-2020-3680 describes a race condition in the fastrpc memory mapping API that affects Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/IoT families) including APQ8009, APQ8053, MSM89xx, QCS605, SDM/SMR series, SXR1130, and others. Root cause: race condition within fastrpc mmap handl...
CVE-2020-3680
A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, QCS605, QM215, SA415M, SDM429, SDM429W, SDM439...
CVE-2019-10558
While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag...
Design/Logic Flaw
While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag...
CVE-2019-10558
CVE-2019-10558 describes an out-of-bounds condition in the Qualcomm FastRPC HLOS driver when transferring data from APPS to DSP, where a data buffer controllable by the DSP on a range of Snapdragon platforms (Auto/Compute/CE Connectivity/IoT/Industrial IoT/Mobile/Voice & Music/Wearables) could be...
CVE-2019-10558
While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag...
USN-4208-1: Linux kernel vulnerabilities
Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary...