237 matches found
CVE-2019-2345
Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710...
CVE-2019-2293
Pointer dereference while freeing IFE resources due to lack of length check of in port resource in Qualcomm-derived Snapdragon platforms. Affected products span Snapdragon Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables, and specific SoCs (MSM8909W, QCS405, QCS605, SD 425/427/430/4...
CVE-2019-2334
Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650...
CVE-2019-2301
CVE-2019-2301 involves a potential out-of-bounds read when an SPI-id is not within the FIFO range in Qualcomm Snapdragon devices (Auto/Compute/IoT/Wearables/Networking lines across IPQ4019, IPQ8064, MSM89xx, QCA/N/QCS, and SD/SDM series). The root cause is an SPI path feeding a FIFO with an out-o...
CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650,...
CVE-2019-2316
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730...
CVE-2019-2301
Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W,...
CVE-2019-2314
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215...
CVE-2019-2290
CVE-2019-2290 affects the Qualcomm camera stack across Snapdragon devices. The root cause is a race condition where multiple threads opening/closing the camera driver can cause access to a destroyed session data pointer, potentially impacting camera operation. Documents from NVD and Red Hat descr...
CVE-2019-2298
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
CVE-2019-2322
CVE-2019-2322 is a buffer overflow vulnerability in Qualcomm Snapdragon media playback paths affecting a wide range of Snapdragon SoCs and product lines (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile, Media frameworks). The issue occurs when playing a specific non-standard clip, e...
CVE-2019-2314
CVE-2019-2314 describes a race condition that can cause a use-after-free when writing to two sysfs entries in Qualcomm/Snapdragon components. Affected are Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables acro...
CVE-2019-2312
When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in...
CVE-2019-2278
User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660...
CVE-2019-2273
CVE-2019-2273: IOMMU page fault when playing H.265 video files causes denial of service on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity/IoT, Mobile, Wearables) across listed SoCs (MSM8909W, QCS605, SD 210/212/205, SD 425/427/430/435/439/ SD 429, SD 450, SD 625/650/652...
CVE-2018-13897
CVE-2018-13897 affects Snapdragon devices running dnsmasq, where a hostname is added to the device’s DNS records, causing information exposure (confidentiality impact). Affected families include Snapdragon Auto, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Wearables across numerous SD...
CVE-2019-2272
Buffer overflow can occur in display function due to lack of validation of header block size set by user. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909...
CVE-2019-2241
CVE-2019-2241 affects Qualcomm Snapdragon firmware across numerous Snapdragon Auto, Compute, Connectivity, and IoT platforms (e.g., MDM9150/MDM9607/SDX24/SD 210–SD 855 family). The root cause is improper error status checks and incorrect status handling during layout background rendering, leading...
CVE-2019-2238
Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...
CVE-2018-13897
Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640,...