718 matches found
Out-of-bounds
Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...
Buffer overflow
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
Buffer overflow
Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1965
CVE-2021-1965 describes a buffer overflow in Qualcomm WLAN/MBSSID handling caused by missing parameter length checks during MBSSID scan IE parsing in Snapdragon components (Auto/Compute/Connectivity/Mobile/Wired). The NVD/Red Hat entries rate it Critical (CVSSv3.1: 9.8, Network, No privileges, Us...
CVE-2021-1964
CVE-2021-1964 corresponds to a buffer over-read in Qualcomm WLAN/IEEE 802.11 beacon parsing due to improper validation of IE size in the WLAN host subsystem. Affected are Qualcomm Snapdragon/WLAN components (e.g., QCA6574AU and related chips) across multiple Snapdragon device families. Root cause...
CVE-2021-1954
Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1954
The CVE-2021-1954 issue is a buffer over-read in Qualcomm’s Snapdragon family (parsing FILS indication IE) caused by improper validation of the data pointer. Affects Qualcomm/ Snapdragon components; CVSS v3.1 indicates high severity (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) with network lead and high...
CVE-2021-1945
Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1943
CVE-2021-1943 describes a buffer out-of-bounds read due to improper TBTT count/length validation when parsing beacon responses in Qualcomm Snapdragon WLAN components across Snapdragon Auto, Compute, Connectivity, Industrial IOT, Mobile, and Wired Infrastructure and Networking. The vulnerability d...
CVE-2021-1943
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1938
CVE-2021-1938 concerns a Qualcomm/Snapdragon issue involving an assertion caused by improper verification when creating and deleting a peer across multiple Snapdragon subsystems (Auto, Compute, Connectivity, etc.). The root cause is described as improper verification during peer creation/deletion...
CVE-2021-1938
Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
openSUSE 15 Security Update : kernel (openSUSE-SU-2021:0947-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0947-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-4999-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4999-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A...
CVE-2021-1937
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2020-11267
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Stack overflow
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Integer overflow
Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1937
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2020-11304
CVE-2020-11304 is a Qualcomm closed‑source component vulnerability describing an out-of-bounds read in DRM due to improper buffer length checks, impacting Snapdragon devices (e.g., Snapdragon Auto/Compute/Connectivity/IoT/Networking stacks). The CVE is listed with high impact (CVE/3.1) and high s...