Qualcomm Bitra Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Bitra Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (38)
CVE-2020-3673 — CVSS 9.8 (critical): u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the…
CVE-2020-3703 — CVSS 9.8 (critical): u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from…
CVE-2020-3654 — CVSS 9.8 (critical): u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon…
CVE-2020-11116 — CVSS 9.8 (critical): u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon…
CVE-2019-13992 — CVSS 7.8 (high): u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14117 — CVSS 7.8 (high): u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which…
CVE-2020-11120 — CVSS 7.8 (high): u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data…
CVE-2020-11125 — CVSS 7.8 (high): u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon…
CVE-2020-11128 — CVSS 7.8 (high): u'Possible out of bound access while copying the mask file content into the buffer without checking the buffer size' in Snapdragon Auto…
CVE-2020-11129 — CVSS 7.8 (high): u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory…
CVE-2020-11162 — CVSS 7.8 (high): u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in…
CVE-2020-11164 — CVSS 7.8 (high): u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in…
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10596 — CVSS 7.8 (high): u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto…
CVE-2019-10628 — CVSS 7.8 (high): u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto…
CVE-2019-10629 — CVSS 7.8 (high): u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3629 — CVSS 7.8 (high): u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for…
CVE-2020-3638 — CVSS 7.8 (high): u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in…
CVE-2020-3640 — CVSS 7.8 (high): u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a…
CVE-2020-3646 — CVSS 7.8 (high): u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute…
CVE-2020-3684 — CVSS 7.8 (high): u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them…
CVE-2020-3690 — CVSS 7.8 (high): u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon…
CVE-2020-3693 — CVSS 7.8 (high): u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto…
CVE-2020-3694 — CVSS 7.8 (high): u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto…
CVE-2020-11174 — CVSS 7.8 (high): u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-11118 — CVSS 7.5 (high): u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3704 — CVSS 7.5 (high): u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral…
CVE-2020-11115 — CVSS 7.5 (high): u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon…
CVE-2020-11173 — CVSS 7.0 (high): u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11122 — CVSS 5.5 (medium): u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto…
CVE-2020-3621 — CVSS 5.5 (medium): u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into…
CVE-2020-3679 — CVSS 5.5 (medium): u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including…
CVE-2020-3620 — CVSS 5.5 (medium): u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to…