7 matches found
CVE-2020-11179
CVE-2020-11179 is a Qualcomm Adreno GPU/kernel-driver vulnerability. The attack targets the KGSL global shared mappings, specifically the scratch buffer used to share data between CPU and GPU. The RPTR (ringbuffer read pointer) is read from the scratch buffer, and the patch for CVE-2019-10567 ran...
CVE-2020-11213
CVE-2020-11213 describes out-of-bounds reads in Snapdragon components (Auto, Compute, Connectivity, and related Snapdragon devices) caused by improper validation of field lengths while processing a Service descriptor. The issue affects a wide range of Snapdragon platforms (Auto, Compute, Connecti...
CVE-2020-11287
The CVE-2020-11287 issue affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/Consumer Electronics/IoT families) where RTT frames can be linked with non-randomized MAC addresses by comparing sequence numbers, leading to information disclosure. Root cause: information disclosure due to...
CVE-2020-11215
The CVE-2020-11215 entry concerns Qualcomm Snapdragon components (Snapdragon Auto, Compute, Connectivity, and related features across multiple Snapdragon lines) where an out-of-bounds read can occur while processing a VSA attribute due to an improper minimum length check. Affected products includ...
CVE-2020-11214
CVE-2020-11214 concerns a buffer over-read in processing an NDL attribute on Qualcomm Snapdragon firmware across multiple Snapdragon lines (Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Infrastructure & Networking). The ...
CVE-2020-11212
CVE-2020-11212 describes an out-of-bounds read during parsing of NAN beacon attributes and OUIs caused by an improper length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, CE Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Ne...
CVE-2020-11200
CVE-2020-11200 is a buffer over-read during parsing of RPS caused by insufficient input validation, affecting Qualcomm Snapdragon family (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile). The vulnerability concerns a faulty parse path in a component/function/file used by Snapdra...