Lucene search
K
QualcommPmx20

12 matches found

CVE
CVE
added 2021/01/21 9:41 a.m.228 views

CVE-2020-11179

CVE-2020-11179 is a Qualcomm Adreno GPU/kernel-driver vulnerability. The attack targets the KGSL global shared mappings, specifically the scratch buffer used to share data between CPU and GPU. The RPTR (ringbuffer read pointer) is read from the scratch buffer, and the patch for CVE-2019-10567 ran...

7CVSS7.1AI score0.00316EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.131 views

CVE-2020-11282

The CVE-2020-11282 issue is an improper access-control vulnerability in the KGSL driver on Snapdragon platforms (Snapdragon Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.). A special mmap offset can map the GPU memstore into user space, enabling local attacker ac...

7.8CVSS7.6AI score0.00182EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.129 views

CVE-2020-11286

CVE-2020-11286 affects Qualcomm closed-source kernel components (Snapdragon family) with a root cause of an untrusted pointer dereference during USB control transfers when multiple standard USB requests are issued together. This could impact devices running affected Qualcomm/kernel code and is re...

6.8CVSS6.8AI score0.00157EPSS
CVE
CVE
added 2021/02/22 6:26 a.m.82 views

CVE-2020-11283

CVE-2020-11283 is a buffer overflow vulnerability described in the NVD entry as occurring during MKV playback due to insufficient input validation in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The connected Red Hat...

9.8CVSS9.5AI score0.00683EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.77 views

CVE-2020-11213

CVE-2020-11213 describes out-of-bounds reads in Snapdragon components (Auto, Compute, Connectivity, and related Snapdragon devices) caused by improper validation of field lengths while processing a Service descriptor. The issue affects a wide range of Snapdragon platforms (Auto, Compute, Connecti...

9.8CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.63 views

CVE-2020-11144

CVE-2020-11144 affects Qualcomm Snapdragon family components (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables). Root cause: buffer over-read from decompression of invalid DL ROHC packets due to missing size check on the compressed packet...

9.1CVSS9.1AI score0.00879EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.60 views

CVE-2020-11149

CVE-2020-11149 involves an out-of-bounds access caused by an out-of-range pointer offset in the camera driver across Snapdragon platforms (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The vulnerability stems from improper pointer handling in the camera su...

7.2CVSS7.2AI score0.00208EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.55 views

CVE-2020-11216

CVE-2020-11216 is a buffer over-read in the video driver when playing a clip where atomsize equals UINT32_MAX, affecting Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables). The issue is triggered during video processing and is docu...

9.8CVSS9.2AI score0.00911EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.54 views

CVE-2020-11145

CVE-2020-11145 describes a divide-by-zero flaw in the delta extension header update caused by improper validation of master SN and extension header SN in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Wearables, etc.). This is reported acro...

7.5CVSS7.6AI score0.00778EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.54 views

CVE-2020-11212

CVE-2020-11212 describes an out-of-bounds read during parsing of NAN beacon attributes and OUIs caused by an improper length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, CE Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Ne...

9.8CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.51 views

CVE-2020-11197

CVE-2020-11197 affects Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The issue is a possible integer overflow in stream info update when the total number of detected streams is zero while parsing a TS clip with invalid...

9.8CVSS9.5AI score0.00911EPSS
CVE
CVE
added 2021/01/21 9:41 a.m.48 views

CVE-2020-11183

CVE-2020-11183 describes a potential buffer overflow in the Snapdragon platform's display service, enabling local privilege escalation by executing code as the affected service. The vulnerability affects multiple Snapdragon families (Auto, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice...

7.2CVSS7.7AI score0.00208EPSS