CVE-2021-30313

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-35135

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

CVE-2023-21643

Memory corruption due to untrusted pointer dereference in automotive during system call.

CVE-2023-22382

Weak configuration in Automotive while VM is processing a listener request from TEE.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

CVE-2023-28583

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

CVE-2023-33070

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.

CVE-2023-33077

Memory corruption in HLOS while converting from authorization token to HIDL vector.

CVE-2020-11169

u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & M...

CVE-2020-3690

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastruct...

CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-22069

Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-25660

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-25681

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

CVE-2022-33240

Memory corruption in Audio due to incorrect type cast during audio use-cases.

CVE-2022-40522

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...

CVE-2021-1952

Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

CVE-2022-22078

Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-22081

Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

CVE-2023-21642

Memory corruption in HAB Memory management due to broad system privileges via physical address.

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

CVE-2023-21648

Memory corruption in RIL while trying to send apdu packet.

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

CVE-2023-33039

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

CVE-2020-11164

u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bit...

CVE-2020-11188

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

CVE-2020-11292

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

CVE-2022-40524

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.

CVE-2023-21624

Information disclosure in DSP Services while loading dynamic module.

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

CVE-2024-23375

Memory corruption during the network scan request.

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

CVE-2020-11191

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon ...

CVE-2021-30327

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music

CVE-2022-22062

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapd...

CVE-2022-22101

Denial of service in multimedia due to uncontrolled resource consumption while parsing an incoming HAB message in Snapdragon Auto

CVE-2022-22105

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...