CVE-2020-11225

CVE-2020-11225 is an out-of-bounds access issue in the WLAN host component used by Qualcomm Snapdragon WLAN/driver across multiple Snapdragon lines. The root cause is lack of validation of array length before copying into an array, enabling a potential memory corruption scenario. Documented impac...

CVE-2020-11225

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2020-11214

CVE-2020-11214 concerns a buffer over-read in processing an NDL attribute on Qualcomm Snapdragon firmware across multiple Snapdragon lines (Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Infrastructure & Networking). The ...

CVE-2020-11215

The CVE-2020-11215 entry concerns Qualcomm Snapdragon components (Snapdragon Auto, Compute, Connectivity, and related features across multiple Snapdragon lines) where an out-of-bounds read can occur while processing a VSA attribute due to an improper minimum length check. Affected products includ...

CVE-2020-11213

Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

CVE-2020-11212

CVE-2020-11212 describes an out-of-bounds read during parsing of NAN beacon attributes and OUIs caused by an improper length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, CE Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Ne...

CVE-2020-11185

Summary: CVE-2020-11185 is a Qualcomm Snapdragon WLAN driver vulnerability described as an out-of-bounds issue when processing vdev responses from firmware due to missing validation of firmware data. The root cause is lack of input validation of firmware data, affecting Snapdragon product lines (...

CVE-2020-11185

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

CVE-2020-11140

CVE-2020-11140 describes an out-of-bounds memory access during music playback with ALAC-modified content due to improper validation in Qualcomm Snapdragon components. Affected are Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and Wire...

CVE-2020-11139

CVE-2020-11139 describes an out-of-bounds memory access when processing frames due to insufficient validation of invalid frames in Qualcomm Snapdragon components (across Snapdragon Auto/Compute/Connectivity/IoT families). The vulnerability affects Snapdragon platforms and is associated with proce...

CVE-2020-11119

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

CVE-2020-11136

CVE-2020-11136 corresponds to a buffer over-read in the Qualcomm audio driver caused by not returning NULL for a zero-sized memory request in the vulnerable Snapdragon family (Auto/Compute/Connectivity/IOT/Mobile, etc.). The issue affects Qualcomm closed‑source components and is listed as Critica...

CVE-2020-11136

Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm product...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...

Security Vulnerabilities in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in several Qualcomm products that...

Integer overflow

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

Information disclosure

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting users lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...

Design/Logic Flaw

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...