209 matches found
CVE-2022-33298
Memory corruption due to use after free in Modem while modem initialization.
CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2019-10567
There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...
CVE-2019-14040
Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...
CVE-2019-10481
Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2019-10600
Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wi...
CVE-2019-14060
Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mo...
CVE-2019-10598
Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra...
CVE-2023-21670
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
CVE-2019-14041
During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...
CVE-2018-11980
When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industri...
CVE-2019-10480
Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2019-10517
Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, A...
CVE-2019-14002
APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917,...
CVE-2019-14003
Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Musi...
CVE-2019-10518
Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...
CVE-2019-10536
Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2019-14010
The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9...
CVE-2019-10607
Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...
CVE-2019-2274
Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...
CVE-2019-10564
Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...
CVE-2019-14034
Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM89...
CVE-2019-14049
Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2019-2304
Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...
CVE-2019-10482
Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sn...
CVE-2019-10602
Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W,...
CVE-2019-14055
Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon ...
CVE-2019-14088
Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...
CVE-2019-14023
String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Re...
CVE-2019-14024
Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130
CVE-2019-10584
Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...
CVE-2019-10601
Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...
CVE-2019-10537
Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdrago...
CVE-2019-14008
Possible null pointer dereference issue in location assistance data processing due to missing null check on resources before using it in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9607, MDM9650, SDM660, SDM845, SM8150, SM8250, SXR2130
CVE-2019-10548
While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ...
CVE-2019-10558
While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2019-10578
Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, ...
CVE-2019-2267
Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...
CVE-2022-40529
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
CVE-2019-10544
Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snap...
CVE-2019-10582
Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, S...
CVE-2019-10583
Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA61...
CVE-2019-10585
Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, ...
CVE-2023-33059
Memory corruption in Audio while processing the VOC packet data from ADSP.
CVE-2020-11125
u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...
CVE-2023-33031
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
CVE-2023-33055
Memory Corruption in Audio while invoking callback function in driver from ADSP.
CVE-2022-33302
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
CVE-2020-11162
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...
CVE-2020-11173
u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired...