CVE-2020-11307

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

CVE-2020-11307

CVE-2020-11307 describes a buffer overflow in Qualcomm’s modem stack due to an improper array index check when copying into a buffer in multiple Snapdragon family components (Auto, Compute, Connectivity, CIoT, Industrial IoT, Wearables). The root cause is an input/length handling issue that can l...

Qualcomm 芯片缓冲区错误漏洞

The Qualcomm SDX55 and MSM8909 are both products of Qualcomm Incorporated.The SDX55 is a modem.The MSM8909 is a central processing unit CPU product. The qualcomm chips have a buffer error vulnerability that stems from a lack of length checking when flashing a meta-image, which could result in an...

Qualcomm 芯片缓冲区错误漏洞

Qualcomm MDM9206 and others are products of Qualcomm Incorporated Qualcomm.MDM9206 is a central processing unit CPU product.APQ8053 is a central processing unit CPU product.SDX55 is a modem. qualcomm A buffer error vulnerability exists in multiple products that stems from a lack of length checkin...

Unauthorized Access Vulnerability in Compaq ARRIS Touchstone Telephony Modem

Ltd. is mainly engaged in the research, development, manufacture and promotion of communication fiber optic cables, components and raw materials, fiber optic cables, cables, broadband access network communication system equipment and materials. An unauthorized access vulnerability exists in the...

CVE-2020-11274

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

Design/Logic Flaw

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2020-11274

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2020-11274

CVE-2020-11274 describes a denial-of-service in Qualcomm’s MODEM triggered by an assertion on an invalid configuration across Snapdragon Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile families. Connected sources (e.g., Red Hat security page, CNNVD Qualcomm component listing) referen...

Qualcomm Chip Bug Opens Android Fans to Eavesdropping

A vulnerability in a 5G modem data service could allow mobile hackers to remotely target Android users by injecting malicious code into a phone’s modem – gaining the ability to execute code, access mobile users’ call histories and text messages, and eavesdrop on phone calls. That’s according to...

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems MSM that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. "If exploited, the vulnerability would...

D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4. Thanks & Acknowledgements 5. References 6. Credits 7. Legal...

D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow Vulnerability

The D-Link DSL-320B-D1 ADSL modem suffers from multiple pre-authentication stack buffer overflow vulnerabilities. Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4...

Qualcomm 芯片 安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products th...

Qualcomm 芯片 缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A security vulnerability exists in a number of...

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2020-11186

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

Design/Logic Flaw

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Input validation

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVE-2020-11226

CVE-2020-11226 concerns a memory-read out-of-bounds vulnerability in Qualcomm closed-source Data modem logic, stemming from a missing offset-length check during unpacking. Affected products span Snapdragon Auto/Compute/Connectivity/IoT lines (Qualcomm closed-source components). The underlying fla...