519 matches found
CVE-2020-3646
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...
CVE-2020-3643
CVE-2020-3643 relates to an information disclosure issue in Snapdragon SoCs (across Snapdragon Auto, Compute, Connectivity, etc.) caused by incomplete teardown of a secure display-touch session. Affected products include a long list of Snapdragon platforms (e.g., APQ8009, MSM89xx, SDM6xx, QCS6xx,...
CVE-2020-3621
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
CVE-2020-3619
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2020-3619
CVE-2020-3619 concerns non-secure memory touched during TrustZone execution on Qualcomm Snapdragon SoCs, potentially enabling local privilege escalation or memory corruption. Affected products span a wide range of Snapdragon families (e.g., APQ8009, APQ8017, APQ8053, APQ8098, IPQ8074, Kamorta, MD...
CVE-2020-3620
u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3611
CVE-2020-3611 affects Qualcomm/Qualcomm-based Snapdragon platforms (e.g., APQ8098, Kamorta, MSM8998, QCS404/605, SDA660/845, SDM6xx/7xx, SXR1130, etc.). The root cause is an improper access issue caused by XBL SEC clearing only the ZI region when loading Qualcomm-signed segments, which can lead t...
CVE-2020-11133
CVE-2020-11133 describes a possible out-of-bounds array write in the rxdco_cal Utility, caused by a missing array bounds check in Snapdragon Compute/IoT platforms (MSM8998, QCS605, SDA845, SDM63x/66x/67x/710/845/850, SXR1130). Root cause: insufficient bounds checking leading to out-of-bounds acce...
CVE-2020-11118
u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2019-14119
CVE-2019-14119 describes a TOCTOU race condition in Snapdragon platforms (Auto, Compute, Connectivity, IoT, Mobile, etc.) triggered while processing the SMCInvoke asynchronous message header. The race modifies the message count and leads to memory corruption, affecting a broad set of Qualcomm/Sna...
CVE-2019-14119
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2019-14056
u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...
CVE-2019-14065
CVE-2019-14065 is a vulnerability described as a pointer double free in HavenSvc caused by not resetting the freed pointer to NULL. It affects a wide range of Qualcomm-Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Networking) across mul...
CVE-2019-14052
u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ801...
CVE-2019-14052
CVE-2019-14052 affects Qualcomm Snapdragon devices (Auto/Compute/Consumer IoT/Industrial IoT/ Mobile/ Wearables, etc.) across numerous SoCs (APQ8xxx, MDM*, MSM*, QCM/QCS, etc.). The issue arises from accessing an uninitialized data structure, which could cause partial copying of contents and lead...
CVE-2019-13999
u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...
CVE-2019-13999
CVE-2019-13999 involves a lack of check for integer overflow during round-up and addition, causing memory corruption and potential information leakage on multiple Qualcomm/Snapdragon platforms. The vulnerability affects a wide range of Snapdragon products (Auto, Compute, Connectivity, Consumer El...
CVE-2019-10628
CVE-2019-10628 describes a memory-corruption issue in the kernel where a random index can manipulate TLB entries via a user library provenance. Affected devices include Snapdragon platforms (APQ8098, SDM660/670/710/845/850, SMx series, QCS/QCN/SCx, and others listed in the entry). The root cause ...
CVE-2019-10596
u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...
CVE-2019-10562
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...