CVE-2021-47609

CVE-2021-47609 : Linux kernel vulnerability in the SCPI genpd driver for arm SCPI firmware. The issue was a missing bound check on scpi_pd->name, which could overflow a 30-byte buffer when copying the device name, potentially leading to memory corruption. The fix allocates the string dynamical...

CVE-2021-47609 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpipd-name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name...

Buffer Overflows

bsdiff:sid is vulnerable to buffer overflows. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries...

Memory corruption

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries...

CVE-2020-14315

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries...

CVE-2019-10484

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...