5 matches found
CVE-2020-11282
The CVE-2020-11282 issue is an improper access-control vulnerability in the KGSL driver on Snapdragon platforms (Snapdragon Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.). A special mmap offset can map the GPU memstore into user space, enabling local attacker ac...
CVE-2020-11136
CVE-2020-11136 corresponds to a buffer over-read in the Qualcomm audio driver caused by not returning NULL for a zero-sized memory request in the vulnerable Snapdragon family (Auto/Compute/Connectivity/IOT/Mobile, etc.). The issue affects Qualcomm closed‑source components and is listed as Critica...
CVE-2020-11287
The CVE-2020-11287 issue affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer Electronics/IoT families) where RTT frames can be linked with non-randomized MAC addresses by comparing sequence numbers, leading to information disclosure. Root cause: information disclosure due to...
CVE-2020-3691
CVE-2020-3691 describes a possible out-of-bounds memory access in audio due to an integer underflow when processing modified contents in Qualcomm Snapdragon closed‑source components (audio path). The root cause is an integer underflow leading to out-of-bounds reads/writes in the affected audio pr...
CVE-2020-3685
CVE-2020-3685 affects Qualcomm closed‑source components used in Snapdragon platforms. The issue arises from a freed pointer variable not being cleared, which can lead to memory corruption and result in a denial of service on devices such as Snapdragon Auto, Compute, Connectivity, IoT, Wearables, ...