237 matches found
CVE-2019-14119
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2019-14119
CVE-2019-14119 describes a TOCTOU race condition in Snapdragon platforms (Auto, Compute, Connectivity, IoT, Mobile, etc.) triggered while processing the SMCInvoke asynchronous message header. The race modifies the message count and leads to memory corruption, affecting a broad set of Qualcomm/Sna...
CVE-2019-14117
CVE-2019-14117 affects Qualcomm/ Snapdragon drivers (e.g., Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130) where a page list update by a privileged user frees elements but does not delete them from the list, causing a use-after-free in the rmnet driver and...
CVE-2019-14089
u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...
CVE-2019-14089
CVE-2019-14089 affects Qualcomm Snapdragon platforms (Kamorta, Nicobar, QCS404/610, Rennell, SA5x, SC7x, SDX55, SM6x/7x/8x, SXR2130) in multiple Snapdragon families. The vulnerability concerns Keymaster attestation key and device IDs provisioning, a one-time process that is incorrectly allowed to...
CVE-2019-14056
u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...
CVE-2019-14065
CVE-2019-14065 is a vulnerability described as a pointer double free in HavenSvc caused by not resetting the freed pointer to NULL. It affects a wide range of Qualcomm-Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Networking) across mul...
CVE-2019-14025
CVE-2019-14025 affects Snapdragon platforms (e.g., Snapdragon Auto/Compute/Consumer IOT/etc.) where, on a new session creation, an Object is returned that contains TZ addresses and is passed to HLOS as a handle to refer to that session. The underlying issue is that this can cause TZ to jump to an...
CVE-2019-13999
u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...
CVE-2019-13999
CVE-2019-13999 involves a lack of check for integer overflow during round-up and addition, causing memory corruption and potential information leakage on multiple Qualcomm/Snapdragon platforms. The vulnerability affects a wide range of Snapdragon products (Auto, Compute, Connectivity, Consumer El...
CVE-2019-10562
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...
CVE-2019-14130
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...
CVE-2019-14100
Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX5...
CVE-2019-14123
Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55,...
CVE-2019-14124
Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...
Design/Logic Flaw
Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...
Memory corruption
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...
Buffer overflow
Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C...
Command injection
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
Design/Logic Flaw
When kernel thread unregistered listener, Use after free issue happened as the listener clients private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...