419 matches found
CVE-2019-2301
CVE-2019-2301 involves a potential out-of-bounds read when an SPI-id is not within the FIFO range in Qualcomm Snapdragon devices (Auto/Compute/IoT/Wearables/Networking lines across IPQ4019, IPQ8064, MSM89xx, QCA/N/QCS, and SD/SDM series). The root cause is an SPI path feeding a FIFO with an out-o...
CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650,...
CVE-2019-2316
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730...
CVE-2019-2301
Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W,...
CVE-2019-2314
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215...
CVE-2019-2290
CVE-2019-2290 affects the Qualcomm camera stack across Snapdragon devices. The root cause is a race condition where multiple threads opening/closing the camera driver can cause access to a destroyed session data pointer, potentially impacting camera operation. Documents from NVD and Red Hat descr...
CVE-2019-2298
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
CVE-2019-2322
CVE-2019-2322 is a buffer overflow vulnerability in Qualcomm Snapdragon media playback paths affecting a wide range of Snapdragon SoCs and product lines (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile, Media frameworks). The issue occurs when playing a specific non-standard clip, e...
CVE-2019-2314
CVE-2019-2314 describes a race condition that can cause a use-after-free when writing to two sysfs entries in Qualcomm/Snapdragon components. Affected are Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables acro...
CVE-2019-2312
When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in...
CVE-2019-2278
User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660...
CVE-2019-2273
CVE-2019-2273: IOMMU page fault when playing H.265 video files causes denial of service on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity/IoT, Mobile, Wearables) across listed SoCs (MSM8909W, QCS605, SD 210/212/205, SD 425/427/430/435/439/ SD 429, SD 450, SD 625/650/652...
CVE-2019-2272
Buffer overflow can occur in display function due to lack of validation of header block size set by user. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909...
CVE-2019-2241
CVE-2019-2241 affects Qualcomm Snapdragon firmware across numerous Snapdragon Auto, Compute, Connectivity, and IoT platforms (e.g., MDM9150/MDM9607/SDX24/SD 210–SD 855 family). The root cause is improper error status checks and incorrect status handling during layout background rendering, leading...
CVE-2019-2263
This CVE (CVE-2019-2263) affects Qualcomm/Qualcomm Snapdragon kernel components, specifically a use-after-free in the diag driver that can access freed memory during reads. The issue spans numerous Snapdragon generations and device families (e.g., IPQ4019, IPQ8064, MDM9xxx, SDM/SDx series). Root ...
CVE-2019-2272
CVE-2019-2272 is a buffer overflow in the display function caused by insufficient validation of the header block size in Qualcomm Snapdragon devices (including Snapdragon Auto/IoT/Mobile/Wearables families such as SD 210–SD 212/SD 205, 425, 427, 430, 435, 450, 615/16/415, 625, 636, 650/52, 712/71...
CVE-2019-2276
Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607,...
CVE-2018-13924
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2019-2264
Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD...
CVE-2019-2260
A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...