Lucene search
K
QualcommPm3003a

32 matches found

CVE
CVE
added 2021/01/21 9:41 a.m.225 views

CVE-2020-11179

CVE-2020-11179 is a Qualcomm Adreno GPU/kernel-driver vulnerability. The attack targets the KGSL global shared mappings, specifically the scratch buffer used to share data between CPU and GPU. The RPTR (ringbuffer read pointer) is read from the scratch buffer, and the patch for CVE-2019-10567 ran...

7CVSS7.1AI score0.00316EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.131 views

CVE-2020-11282

The CVE-2020-11282 issue is an improper access-control vulnerability in the KGSL driver on Snapdragon platforms (Snapdragon Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.). A special mmap offset can map the GPU memstore into user space, enabling local attacker ac...

7.8CVSS7.6AI score0.00182EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.125 views

CVE-2020-11225

CVE-2020-11225 is an out-of-bounds access issue in the WLAN host component used by Qualcomm Snapdragon WLAN/driver across multiple Snapdragon lines. The root cause is lack of validation of array length before copying into an array, enabling a potential memory corruption scenario. Documented impac...

10CVSS9.2AI score0.01085EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.116 views

CVE-2020-11146

CVE-2020-11146 describes an out-of-bounds write during IOCTL data copying due to missing check of a user-provided array index in Qualcomm Snapdragon components (across Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). This enables a local att...

7.8CVSS7.7AI score0.00207EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.104 views

CVE-2020-11167

CVE-2020-11167 is a Qualcomm Snapdragon Bluetooth issue where memory corruption can occur in the L2CAP reassembly logic if a remote device sends more data than expected. Connected sources (Qualcomm December 2020 bulletins, Red Hat advisory, NVD entry) confirm affected Snapdragon Bluetooth compone...

10CVSS9.5AI score0.0122EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.102 views

CVE-2020-11185

Summary: CVE-2020-11185 is a Qualcomm Snapdragon WLAN driver vulnerability described as an out-of-bounds issue when processing vdev responses from firmware due to missing validation of firmware data. The root cause is lack of input validation of firmware data, affecting Snapdragon product lines (...

7.8CVSS7.6AI score0.00219EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.94 views

CVE-2020-11217

CVE-2020-11217 involves a vulnerability in the Qualcomm Snapdragon audio driver (Speaker Protection parameters) that can cause a double free or invalid memory access in the affected audio subsystem. Reported impact targets Snapdragon Compute, Connectivity, Industrial IoT, and Mobile SKUs, with th...

7.8CVSS7.7AI score0.00205EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.82 views

CVE-2020-11283

CVE-2020-11283 is a buffer overflow vulnerability described in the NVD entry as occurring during MKV playback due to insufficient input validation in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The connected Red Hat...

9.8CVSS9.5AI score0.00683EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.76 views

CVE-2020-11136

CVE-2020-11136 corresponds to a buffer over-read in the Qualcomm audio driver caused by not returning NULL for a zero-sized memory request in the vulnerable Snapdragon family (Auto/Compute/Connectivity/IOT/Mobile, etc.). The issue affects Qualcomm closed‑source components and is listed as Critica...

10CVSS9.3AI score0.01054EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.76 views

CVE-2020-11213

CVE-2020-11213 describes out-of-bounds reads in Snapdragon components (Auto, Compute, Connectivity, and related Snapdragon devices) caused by improper validation of field lengths while processing a Service descriptor. The issue affects a wide range of Snapdragon platforms (Auto, Compute, Connecti...

9.8CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.76 views

CVE-2020-11287

The CVE-2020-11287 issue affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer Electronics/IoT families) where RTT frames can be linked with non-randomized MAC addresses by comparing sequence numbers, leading to information disclosure. Root cause: information disclosure due to...

7.5CVSS7.3AI score0.00692EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.71 views

CVE-2020-11137

CVE-2020-11137 describes an integer multiplication overflow in Qualcomm Snapdragon components that leads to a smaller-than-expected buffer allocation, causing memory access out of bounds and potential device instability across Snapdragon Auto/Compute/Connectivity/IoT families. Public sources (NVD...

10CVSS9.6AI score0.01085EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.63 views

CVE-2020-11144

CVE-2020-11144 affects Qualcomm Snapdragon family components (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables). Root cause: buffer over-read from decompression of invalid DL ROHC packets due to missing size check on the compressed packet...

9.1CVSS9.1AI score0.00879EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.61 views

CVE-2020-11215

The CVE-2020-11215 entry concerns Qualcomm Snapdragon components (Snapdragon Auto, Compute, Connectivity, and related features across multiple Snapdragon lines) where an out-of-bounds read can occur while processing a VSA attribute due to an improper minimum length check. Affected products includ...

9.1CVSS9AI score0.00879EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.60 views

CVE-2020-11149

CVE-2020-11149 involves an out-of-bounds access caused by an out-of-range pointer offset in the camera driver across Snapdragon platforms (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The vulnerability stems from improper pointer handling in the camera su...

7.2CVSS7.2AI score0.00208EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.58 views

CVE-2020-3686

CVE-2020-3686 concerns a memory out-of-bounds issue during music playback when an incorrect bitstream is copied into an array without length checks in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and related infr...

10CVSS9.3AI score0.01194EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.57 views

CVE-2020-11140

CVE-2020-11140 describes an out-of-bounds memory access during music playback with ALAC-modified content due to improper validation in Qualcomm Snapdragon components. Affected are Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and Wire...

10CVSS9.3AI score0.01054EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.57 views

CVE-2020-11143

CVE-2020-11143 affects Qualcomm Snapdragon components (Auto/Compute/Connectivity/IoT/Wearables, etc.). The issue is a memory safety vulnerability causing out-of-bounds reads/writes during music playback when content is modified, stemming from copying data without validating the destination buffer...

10CVSS9.3AI score0.01054EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.56 views

CVE-2020-11148

CVE-2020-11148 describes a use-after-free in HIDL when posting events from a callback in a Snapdragon stack (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Wearables). The root cause is that a callback instance can be deleted in a window where an internal mutex is not held and a clo...

7.2CVSS7.5AI score0.00208EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.56 views

CVE-2020-3691

CVE-2020-3691 describes a possible out-of-bounds memory access in audio due to an integer underflow when processing modified contents in Qualcomm Snapdragon closed‑source components (audio path). The root cause is an integer underflow leading to out-of-bounds reads/writes in the affected audio pr...

10CVSS9.3AI score0.01054EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.55 views

CVE-2020-11138

CVE-2020-11138 concerns Qualcomm Snapdragon components (notably in Snapdragon Auto/Compute/Connectivity/IoT/Wearables and related Snapdragon media paths) where uninitialized heap memory leads to uninitialized pointers during music playback with an incorrect bitstream, causing instability. The vul...

10CVSS9.3AI score0.01085EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.55 views

CVE-2020-11139

CVE-2020-11139 describes an out-of-bounds memory access when processing frames due to insufficient validation of invalid frames in Qualcomm Snapdragon components (across Snapdragon Auto/Compute/Connectivity/IoT families). The vulnerability affects Snapdragon platforms and is associated with proce...

7.5CVSS7.6AI score0.00778EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.55 views

CVE-2020-11214

CVE-2020-11214 concerns a buffer over-read in processing an NDL attribute on Qualcomm Snapdragon firmware across multiple Snapdragon lines (Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Infrastructure & Networking). The ...

7.5CVSS7.7AI score0.00778EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.55 views

CVE-2020-11216

CVE-2020-11216 is a buffer over-read in the video driver when playing a clip where atomsize equals UINT32_MAX, affecting Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables). The issue is triggered during video processing and is docu...

9.8CVSS9.2AI score0.00911EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.54 views

CVE-2020-11145

CVE-2020-11145 describes a divide-by-zero flaw in the delta extension header update caused by improper validation of master SN and extension header SN in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Wearables, etc.). This is reported acro...

7.5CVSS7.6AI score0.00778EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.54 views

CVE-2020-3685

CVE-2020-3685 affects Qualcomm closed‑source components used in Snapdragon platforms. The issue arises from a freed pointer variable not being cleared, which can lead to memory corruption and result in a denial of service on devices such as Snapdragon Auto, Compute, Connectivity, IoT, Wearables, ...

7.8CVSS7.7AI score0.00921EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.53 views

CVE-2020-11212

CVE-2020-11212 describes an out-of-bounds read during parsing of NAN beacon attributes and OUIs caused by an improper length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, CE Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Ne...

9.8CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.51 views

CVE-2020-11150

CVE-2020-11150 describes an out-of-bounds memory access in the camera driver caused by improper validation of data from UMD, which affects pointer offset manipulation across multiple Snapdragon SKUs (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The issue ...

7.2CVSS7.2AI score0.00208EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.51 views

CVE-2020-11180

The CVE-2020-11180 issue is an out-of-bounds access in Snapdragon computer vision controls caused by improper validation of command length before processing. Affected components include Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT and Mobile; the root cause is input length...

7.8CVSS7.8AI score0.00219EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.51 views

CVE-2020-11197

CVE-2020-11197 affects Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The issue is a possible integer overflow in stream info update when the total number of detected streams is zero while parsing a TS clip with invalid...

9.8CVSS9.5AI score0.00911EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.51 views

CVE-2020-11200

CVE-2020-11200 is a buffer over-read during parsing of RPS caused by insufficient input validation, affecting Qualcomm Snapdragon family (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile). The vulnerability concerns a faulty parse path in a component/function/file used by Snapdra...

7.5CVSS7.6AI score0.00778EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.49 views

CVE-2020-11151

CVE-2020-11151 describes a race condition in video handling on Qualcomm Snapdragon devices (Auto, Compute, Connectivity, Industrial IOT, Mobile, Wearables). Two threads calling a user-space ioctl concurrently can trigger a use-after-free in the video stack. Impact per NVD indicates potential high...

6.9CVSS7.1AI score0.00132EPSS