CVE-2020-11259

CVE-2020-11259 concerns memory corruption due to lack of validation of pointer arguments passed to the TrustZone BSP in Snapdragon Wired Infrastructure and Networking. The root cause is missing validation in the TrustZone BSP, enabling a local attacker with low complexity and no authentication to...

CVE-2020-11259

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking...

CVE-2020-11258

CVE-2020-11258 concerns memory corruption caused by lack of validation of pointer arguments passed to the TrustZone BSP in Snapdragon Wired Infrastructure and Networking. Connected sources reference this CVE and reiterate the same issue; no explicit exploit details or remediation/version informat...

CVE-2020-11258

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking...

CVE-2020-11256

CVE-2020-11256 concerns memory corruption caused by lack of validation of a pointer to a buffer passed to TrustZone in Snapdragon Wired Infrastructure and Networking. The vulnerability is described across multiple sources as affecting the TrustZone interface on Qualcomm Snapdragon platforms, with...

CVE-2020-11257

CVE-2020-11257 affects Qualcomm Snapdragon platforms, specifically the TrustZone BSP in Snapdragon Wired Infrastructure and Networking. The root cause is memory corruption due to lack of validation of pointer arguments passed to the TrustZone BSP. CVSS data indicates a high-severity, local-attack...

CVE-2020-11256

Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking...

CVE-2020-11257

Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking...

CVE-2020-11250

CVE-2020-11250 is a use-after-free vulnerability caused by a race condition when reopening a Snapdragon device driver repeatedly across Snapdragon Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables/Wired Infrastructure and Networking. Affects Qualcomm components ...

CVE-2020-11238

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2020-11235

CVE-2020-11235 describes a buffer overflow that can occur while parsing a unified command due to insufficient input validation in Qualcomm Snapdragon components (Auto, Compute, Connectivity, etc.). The issue is triggered locally and can impact confidentiality, integrity, and availability, as indi...

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...

CVE-2020-11165

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired...

CVE-2020-11165

CVE-2020-11165 : Memory corruption due to a buffer overflow when copying the HLOS message into a buffer without validating its length. Affects Qualcomm Snapdragon platforms (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Wired Infrastructure and Networking). Root ca...

CVE-2020-11134

CVE-2020-11134 affects Qualcomm Snapdragon family (Snapdragon Auto/Compute/Connectivity, etc.). The root cause is insufficient validation of time bitmap length and bit duration fields in NAN management frame attributes, leading to a possible stack out-of-bounds write within NAN ranging setup. The...

CVE-2020-11159

CVE-2020-11159 is a buffer over-read in Snapdragon/Qualcomm code while processing WPA/RSN IE in beacon and response frames. The flaw occurs when the IE length is shorter than the frame pointer being accessed, potentially affecting multiple Snapdragon product families (Auto, Compute, Connectivity,...

Security Vulnerability in Apple’s Silicon “M1” Chip

The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end. EDITED TO ADD: Wired article...

DEBIAN-CVE-2020-24587

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

Design/Logic Flaw

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

UBUNTU-CVE-2020-26146

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented...