7 matches found
CVE-2020-11282
The CVE-2020-11282 issue is an improper access-control vulnerability in the KGSL driver on Snapdragon platforms (Snapdragon Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.). A special mmap offset can map the GPU memstore into user space, enabling local attacker ac...
CVE-2020-11286
CVE-2020-11286 affects Qualcomm closed-source kernel components (Snapdragon family) with a root cause of an untrusted pointer dereference during USB control transfers when multiple standard USB requests are issued together. This could impact devices running affected Qualcomm/kernel code and is re...
CVE-2020-11283
CVE-2020-11283 is a buffer overflow vulnerability described in the NVD entry as occurring during MKV playback due to insufficient input validation in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables). The connected Red Hat...
CVE-2020-11136
CVE-2020-11136 corresponds to a buffer over-read in the Qualcomm audio driver caused by not returning NULL for a zero-sized memory request in the vulnerable Snapdragon family (Auto/Compute/Connectivity/IOT/Mobile, etc.). The issue affects Qualcomm closed‑source components and is listed as Critica...
CVE-2020-11287
The CVE-2020-11287 issue affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer Electronics/IoT families) where RTT frames can be linked with non-randomized MAC addresses by comparing sequence numbers, leading to information disclosure. Root cause: information disclosure due to...
CVE-2020-3691
CVE-2020-3691 describes a possible out-of-bounds memory access in audio due to an integer underflow when processing modified contents in Qualcomm Snapdragon closed‑source components (audio path). The root cause is an integer underflow leading to out-of-bounds reads/writes in the affected audio pr...
CVE-2020-3685
CVE-2020-3685 affects Qualcomm closed‑source components used in Snapdragon platforms. The issue arises from a freed pointer variable not being cleared, which can lead to memory corruption and result in a denial of service on devices such as Snapdragon Auto, Compute, Connectivity, IoT, Wearables, ...