Sa9000P Firmware Security Vulnerabilities
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
7.8CVSS
7.7AI Score
0.0004EPSS
Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
7.8CVSS
7.7AI Score
0.0004EPSS
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Inf...
7.8CVSS
7.7AI Score
0.0004EPSS
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
9.3CVSS
7.8AI Score
0.0004EPSS
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
7.8CVSS
7.8AI Score
0.0004EPSS
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...
7.3CVSS
6.9AI Score
0.001EPSS
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile
7.1CVSS
6.5AI Score
0.0004EPSS
Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto
8.4CVSS
7.9AI Score
0.0004EPSS
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile
8.4CVSS
7.8AI Score
0.0004EPSS
Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
9.3CVSS
7.6AI Score
0.0004EPSS
Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
8.4CVSS
7.8AI Score
0.0004EPSS
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
6.2CVSS
5.7AI Score
0.0004EPSS
information disclosure due to cryptographic issue in Core during RPMB read request.
7.1CVSS
5.2AI Score
0.0004EPSS
Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
8.4CVSS
7.8AI Score
0.0004EPSS
Denial of service in multimedia due to uncontrolled resource consumption while parsing an incoming HAB message in Snapdragon Auto
6.2CVSS
5.6AI Score
0.0005EPSS
Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in multimedia due to improper check on the messages received. in Snapdragon Auto
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in multimedia due to improper length check while copying the data in Snapdragon Auto
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
8.4CVSS
7.7AI Score
0.0004EPSS
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
7.1CVSS
6.8AI Score
0.0004EPSS
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
8.1CVSS
7.6AI Score
0.0004EPSS
Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto
8.4CVSS
7.9AI Score
0.0005EPSS
Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.
6CVSS
5.5AI Score
0.0005EPSS
8.2CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.
9.3CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to double free in core while initializing the encryption key.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
9.3CVSS
7AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
9.3CVSS
7.9AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
7.3CVSS
5.6AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.
8.4CVSS
8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
9.3CVSS
9AI Score
0.0004EPSS
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
8.4CVSS
7.6AI Score
0.0004EPSS
Memory corruption due to double free in Core while mapping HLOS address to the list.
8.4CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
8AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
8.4CVSS
8AI Score
0.0004EPSS
7.1CVSS
5.4AI Score
0.0004EPSS
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
7.8CVSS
7.6AI Score
0.0004EPSS
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
6.2CVSS
5.4AI Score
0.0004EPSS
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
7.1CVSS
7AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.001EPSS