Qualcomm Apq8009 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Apq8009 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2020-11272 — CVSS 9.8 (critical): Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2021-1975 — CVSS 9.8 (critical): Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-25720 — CVSS 9.8 (critical): Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11299 — CVSS 9.8 (critical): Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-1919 — CVSS 9.8 (critical): Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2020-3614 — CVSS 9.8 (critical): Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto…
CVE-2020-3615 — CVSS 9.8 (critical): Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to…
CVE-2020-3699 — CVSS 9.8 (critical): Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in…
CVE-2020-3633 — CVSS 9.8 (critical): Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in…
CVE-2020-3639 — CVSS 9.8 (critical): u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory…
CVE-2020-3641 — CVSS 9.8 (critical): Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto…
CVE-2020-3698 — CVSS 9.8 (critical): Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon…
CVE-2020-3688 — CVSS 9.8 (critical): Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto…
CVE-2020-3671 — CVSS 9.8 (critical): Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon…
CVE-2019-14004 — CVSS 9.8 (critical): Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2020-3660 — CVSS 9.8 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2020-3661 — CVSS 9.8 (critical): Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack of…
CVE-2020-3662 — CVSS 9.8 (critical): Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3663 — CVSS 9.8 (critical): Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto…
CVE-2019-14005 — CVSS 9.8 (critical): Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdragon…
CVE-2019-14006 — CVSS 9.8 (critical): Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon…
CVE-2019-14013 — CVSS 9.8 (critical): While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the…
CVE-2019-14016 — CVSS 9.8 (critical): Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-14017 — CVSS 9.8 (critical): Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto…
CVE-2019-10557 — CVSS 9.8 (critical): Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-14031 — CVSS 9.8 (critical): Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-10559 — CVSS 9.8 (critical): Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in…
CVE-2022-40510 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2019-10572 — CVSS 9.8 (critical): Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in…
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2022-25651 — CVSS 9.8 (critical): Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer…
CVE-2022-22088 — CVSS 9.8 (critical): Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2019-10581 — CVSS 9.8 (critical): NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2019-14083 — CVSS 9.8 (critical): While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2019-10590 — CVSS 9.8 (critical): Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon…
CVE-2022-25748 — CVSS 9.8 (critical): Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14095 — CVSS 9.8 (critical): Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon…
CVE-2019-14098 — CVSS 9.8 (critical): Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon…
CVE-2019-14110 — CVSS 9.8 (critical): Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer…
CVE-2019-14113 — CVSS 9.8 (critical): Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in…
CVE-2019-14114 — CVSS 9.8 (critical): Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto…
CVE-2019-14127 — CVSS 9.8 (critical): Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2019-2242 — CVSS 9.8 (critical): Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-2268 — CVSS 9.8 (critical): Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics…
CVE-2019-2271 — CVSS 9.8 (critical): Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2019-2289 — CVSS 9.8 (critical): Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto…
CVE-2019-2300 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2311 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2019-2320 — CVSS 9.8 (critical): Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10526 — CVSS 9.8 (critical): Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11116 — CVSS 9.8 (critical): u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11168 — CVSS 9.8 (critical): u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in…
CVE-2020-11170 — CVSS 9.8 (critical): Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in…
CVE-2019-10611 — CVSS 9.8 (critical): Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11192 — CVSS 9.8 (critical): Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11193 — CVSS 9.8 (critical): u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto…
CVE-2019-10614 — CVSS 9.8 (critical): Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious…
CVE-2020-11196 — CVSS 9.8 (critical): u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto…
CVE-2019-10532 — CVSS 9.8 (critical): Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2022-22105 — CVSS 9.4 (critical): Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2020-11169 — CVSS 9.1 (critical): u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10579 — CVSS 9.1 (critical): Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-3658 — CVSS 9.1 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2019-14057 — CVSS 9.1 (critical): Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto…
CVE-2022-25718 — CVSS 9.1 (critical): Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2019-10622 — CVSS 9.1 (critical): Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in…
CVE-2020-11276 — CVSS 9.1 (critical): Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11155 — CVSS 8.8 (high): u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon…
CVE-2020-11177 — CVSS 8.8 (high): User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in…
CVE-2020-11269 — CVSS 8.8 (high): Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto…
CVE-2020-11154 — CVSS 8.8 (high): u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon…
CVE-2020-11303 — CVSS 8.6 (high): Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon…
CVE-2021-30261 — CVSS 8.4 (high): Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in…
CVE-2022-25695 — CVSS 8.4 (high): Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto…
CVE-2022-22058 — CVSS 8.4 (high): Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22082 — CVSS 8.4 (high): Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon…
CVE-2022-25682 — CVSS 8.4 (high): Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon…
CVE-2021-1927 — CVSS 8.4 (high): Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11267 — CVSS 8.4 (high): Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto…
CVE-2022-22085 — CVSS 8.4 (high): Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-25724 — CVSS 8.4 (high): Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22074 — CVSS 8.4 (high): Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-30288 — CVSS 8.4 (high): Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon…
CVE-2022-22084 — CVSS 8.4 (high): Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-40531 — CVSS 8.4 (high): Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2021-1939 — CVSS 8.4 (high): Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon…
CVE-2021-1949 — CVSS 8.4 (high): Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11234 — CVSS 8.4 (high): When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting…
CVE-2022-25743 — CVSS 8.4 (high): Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1900 — CVSS 8.4 (high): Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30260 — CVSS 8.4 (high): Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2022-33268 — CVSS 8.2 (high): Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11285 — CVSS 8.2 (high): Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto…
CVE-2022-25719 — CVSS 8.2 (high): Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon…
CVE-2023-21625 — CVSS 8.2 (high): Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
CVE-2022-33255 — CVSS 8.2 (high): Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.
CVE-2022-22062 — CVSS 8.2 (high): An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2022-33235 — CVSS 8.2 (high): Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto…
CVE-2021-35083 — CVSS 8.2 (high): Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon…
CVE-2020-11247 — CVSS 8.2 (high): Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10494 — CVSS 8.1 (high): Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon…
CVE-2020-11141 — CVSS 8.1 (high): u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer…
CVE-2019-10584 — CVSS 7.8 (high): Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13916 — CVSS 7.8 (high): Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in…
CVE-2019-10480 — CVSS 7.8 (high): Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon…
CVE-2019-10503 — CVSS 7.8 (high): Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-10517 — CVSS 7.8 (high): Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10518 — CVSS 7.8 (high): Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10536 — CVSS 7.8 (high): Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on…
CVE-2019-10544 — CVSS 7.8 (high): Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon…
CVE-2019-10547 — CVSS 7.8 (high): When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto…
CVE-2019-10548 — CVSS 7.8 (high): While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in…
CVE-2019-10556 — CVSS 7.8 (high): Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some…
CVE-2019-10558 — CVSS 7.8 (high): While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in…
CVE-2019-10564 — CVSS 7.8 (high): Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto…
CVE-2019-10567 — CVSS 7.8 (high): There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could…
CVE-2018-11980 — CVSS 7.8 (high): When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen…
CVE-2019-10585 — CVSS 7.8 (high): Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free…
CVE-2019-10595 — CVSS 7.8 (high): Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in…
CVE-2019-10600 — CVSS 7.8 (high): Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in…
CVE-2019-10605 — CVSS 7.8 (high): Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in…
CVE-2019-10607 — CVSS 7.8 (high): Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in…
CVE-2019-10615 — CVSS 7.8 (high): u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-13999 — CVSS 7.8 (high): u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage'…
CVE-2019-14000 — CVSS 7.8 (high): Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and…
CVE-2019-14001 — CVSS 7.8 (high): Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial…
CVE-2019-14009 — CVSS 7.8 (high): Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in…
CVE-2019-14026 — CVSS 7.8 (high): Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14028 — CVSS 7.8 (high): Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14029 — CVSS 7.8 (high): Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14032 — CVSS 7.8 (high): Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-14034 — CVSS 7.8 (high): Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon…
CVE-2019-14037 — CVSS 7.8 (high): Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14040 — CVSS 7.8 (high): Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in…
CVE-2019-14041 — CVSS 7.8 (high): During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer…
CVE-2019-14050 — CVSS 7.8 (high): Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto…
CVE-2019-14055 — CVSS 7.8 (high): Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in…
CVE-2019-14060 — CVSS 7.8 (high): Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due…
CVE-2019-14065 — CVSS 7.8 (high): u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14068 — CVSS 7.8 (high): Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14076 — CVSS 7.8 (high): Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto…
CVE-2019-14077 — CVSS 7.8 (high): Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto…
CVE-2019-14078 — CVSS 7.8 (high): Out of bound memory access while processing qpay due to not validating length of the response buffer provided by User. in Snapdragon Auto…
CVE-2019-14079 — CVSS 7.8 (high): Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place…
CVE-2019-14088 — CVSS 7.8 (high): Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in…
CVE-2019-14093 — CVSS 7.8 (high): Array out of bound access can occur in display module due to lack of bound check on input parcel received in Snapdragon Auto, Snapdragon…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…