Lucene search

K

Mdm9607 Firmware Security Vulnerabilities - February 2020

cve
cve

CVE-2019-10567

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

7.8CVSS

7.6AI Score

0.0004EPSS

2020-02-07 05:15 AM
188
cve
cve

CVE-2019-10590

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

9.8CVSS

9.3AI Score

0.002EPSS

2020-02-07 05:15 AM
79
cve
cve

CVE-2019-14040

Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

7.8CVSS

7.9AI Score

0.0004EPSS

2020-02-07 05:15 AM
88
cve
cve

CVE-2019-14049

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

7.8CVSS

7.6AI Score

0.0004EPSS

2020-02-07 05:15 AM
78
cve
cve

CVE-2019-14051

Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607

7.8CVSS

7.9AI Score

0.0004EPSS

2020-02-07 05:15 AM
71
cve
cve

CVE-2019-14055

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon ...

7.8CVSS

7.8AI Score

0.0004EPSS

2020-02-07 05:15 AM
74
cve
cve

CVE-2019-14057

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...

9.1CVSS

9.1AI Score

0.002EPSS

2020-02-07 05:15 AM
78
cve
cve

CVE-2019-14060

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mo...

7.8CVSS

7.8AI Score

0.0004EPSS

2020-02-07 05:15 AM
85
cve
cve

CVE-2019-14063

Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ601...

9.1CVSS

8.9AI Score

0.002EPSS

2020-02-07 05:15 AM
72
cve
cve

CVE-2019-14088

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...

7.8CVSS

7.8AI Score

0.001EPSS

2020-02-07 05:15 AM
74