413 matches found
Code injection
DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
Memory corruption
Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574,...
Buffer overflow
Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...
Code injection
Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081,...
Design/Logic Flaw
Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Stack overflow
Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, ...
Design/Logic Flaw
Lack of check for a negative value returned for getclk is wrongly interpreted as valid pointer and lead to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,...
Buffer overflow
Incorrect reading of system image resulting in buffer overflow when size of system image is increased in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SDM439...
CVE-2019-2324
When ADSP is compromised, the audio port index thats returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2019-2285
CVE-2019-2285 describes an out-of-bounds write bug in Qualcomm Snapdragon media handling related to reporting properties during video playback. Affected are Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables platforms across numerous SDM/SD vari...
CVE-2019-2285
Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2019-2249
CVE-2019-2249 affects Qualcomm Snapdragon kernel code and enables a memory read from an arbitrary address supplied by user during a syscall. Documented in multiple sources (NVD, Red Hat), it lists extensive Snapdragon family coverage (e.g., IPQ8074, SD 427/435/450/625/636/665/675/712/710/670/730/...
CVE-2019-10542
Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesnt match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music i...
CVE-2019-10534
Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W,...
CVE-2019-10541
Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W,...
CVE-2019-10531
CVE-2019-10531 describes an incorrect reading of the system image that results in a buffer overflow when the system image size is increased, affecting Snapdragon Auto, Mobile and Wearables platforms (MDM9607, MSM8909W, Qualcomm 215, SD 210/212/205, SD 425, 439/429, 450, 625, 632, SDM439 and relat...
CVE-2019-10531
Incorrect reading of system image resulting in buffer overflow when size of system image is increased in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SDM439...
CVE-2019-10529
Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function setpagedirty in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2019-10502
CVE-2019-10502 is a stack overflow vulnerability described across multiple Qualcomm Snapdragon camera implementations. The issue arises when an index equal to the I/O buffer size is accessed within the camera module, affecting a wide range of Snapdragon Compute, Snapdragon Consumer IoT, Snapdrago...
CVE-2019-10495
CVE-2019-10495 describes an arbitrary buffer write during processing of sequence headers for HEVC/AVC encoding in Qualcomm Snapdragon SoCs (wide range of Snapdragon Auto/Compute/Connectivity/IoT devices). The vulnerability is caused by a buffer-write flaw in the encoder path; vulnerable component...