413 matches found
Buffer overflow
Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...
CVE-2019-2346
Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ807...
CVE-2019-2346
CVE-2019-2346 affects Qualcomm Snapdragon family firmware (Snapdragon Compute, Snapdragon Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Infrastructure/Networking) impacting IPQ8074, QCA8081, QCS404/QCS405/QCS605 and various SD/SDM platforms. Description: a memory overwrite loop trigg...
CVE-2019-2343
Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2019-2345
Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710...
CVE-2019-2293
Pointer dereference while freeing IFE resources due to lack of length check of in port resource in Qualcomm-derived Snapdragon platforms. Affected products span Snapdragon Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables, and specific SoCs (MSM8909W, QCS405, QCS605, SD 425/427/430/4...
CVE-2019-2334
Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650...
CVE-2019-2301
CVE-2019-2301 involves a potential out-of-bounds read when an SPI-id is not within the FIFO range in Qualcomm Snapdragon devices (Auto/Compute/IoT/Wearables/Networking lines across IPQ4019, IPQ8064, MSM89xx, QCA/N/QCS, and SD/SDM series). The root cause is an SPI path feeding a FIFO with an out-o...
CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650,...
CVE-2019-2316
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730...
CVE-2019-2301
Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W,...
CVE-2019-2314
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215...
CVE-2019-2290
CVE-2019-2290 affects the Qualcomm camera stack across Snapdragon devices. The root cause is a race condition where multiple threads opening/closing the camera driver can cause access to a destroyed session data pointer, potentially impacting camera operation. Documents from NVD and Red Hat descr...
CVE-2019-2298
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
CVE-2019-2322
CVE-2019-2322 is a buffer overflow vulnerability in Qualcomm Snapdragon media playback paths affecting a wide range of Snapdragon SoCs and product lines (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile, Media frameworks). The issue occurs when playing a specific non-standard clip, e...
CVE-2019-2314
CVE-2019-2314 describes a race condition that can cause a use-after-free when writing to two sysfs entries in Qualcomm/Snapdragon components. Affected are Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables acro...
CVE-2019-2312
When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in...
CVE-2019-2278
User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660...
CVE-2019-2273
CVE-2019-2273: IOMMU page fault when playing H.265 video files causes denial of service on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity/IoT, Mobile, Wearables) across listed SoCs (MSM8909W, QCS605, SD 210/212/205, SD 425/427/430/435/439/ SD 429, SD 450, SD 625/650/652...
CVE-2018-13897
CVE-2018-13897 affects Snapdragon devices running dnsmasq, where a hostname is added to the device’s DNS records, causing information exposure (confidentiality impact). Affected families include Snapdragon Auto, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Wearables across numerous SD...