Qualcomm Mdm9150 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Mdm9150 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2020-3615 — CVSS 9.8 (critical): Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1919 — CVSS 9.8 (critical): Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2283 — CVSS 9.8 (critical): Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon…
CVE-2018-11953 — CVSS 9.8 (critical): While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto…
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2019-2287 — CVSS 9.8 (critical): Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto…
CVE-2018-11955 — CVSS 9.8 (critical): Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2021-1975 — CVSS 9.8 (critical): Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3698 — CVSS 9.8 (critical): Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon…
CVE-2018-13924 — CVSS 9.8 (critical): Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25720 — CVSS 9.8 (critical): Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2018-11949 — CVSS 9.8 (critical): Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2279 — CVSS 9.8 (critical): Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon…
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25651 — CVSS 9.8 (critical): Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2018-11940 — CVSS 9.8 (critical): Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2305 — CVSS 9.8 (critical): Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon…
CVE-2018-13887 — CVSS 9.8 (critical): Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-2307 — CVSS 9.8 (critical): Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2019-2309 — CVSS 9.8 (critical): While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length…
CVE-2019-10526 — CVSS 9.8 (critical): Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2320 — CVSS 9.8 (critical): Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2019-2322 — CVSS 9.8 (critical): Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-2323 — CVSS 9.8 (critical): Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2324 — CVSS 9.8 (critical): When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary…
CVE-2019-2325 — CVSS 9.8 (critical): Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2327 — CVSS 9.8 (critical): Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13911 — CVSS 9.8 (critical): Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10542 — CVSS 9.8 (critical): Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in…
CVE-2022-40510 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2019-2253 — CVSS 9.8 (critical): Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity…
CVE-2019-2254 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2019-2258 — CVSS 9.8 (critical): Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2019-2242 — CVSS 9.8 (critical): Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-10505 — CVSS 9.8 (critical): Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2018-13898 — CVSS 9.8 (critical): Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2019-2269 — CVSS 9.8 (critical): Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon…
CVE-2018-11945 — CVSS 9.8 (critical): Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in…
CVE-2018-11937 — CVSS 9.8 (critical): Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2021-35104 — CVSS 9.8 (critical): Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2022-22105 — CVSS 9.4 (critical): Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT…
CVE-2021-30317 — CVSS 9.3 (critical): Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon…
CVE-2021-30285 — CVSS 9.3 (critical): Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30275 — CVSS 9.3 (critical): Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto…
CVE-2021-1942 — CVSS 9.3 (critical): Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2018-13906 — CVSS 9.1 (critical): The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2021-30342 — CVSS 9.1 (critical): Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2020-3634 — CVSS 9.1 (critical): u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon…
CVE-2020-3670 — CVSS 9.1 (critical): u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2019-14020 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/…
CVE-2019-14033 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept…
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11177 — CVSS 8.8 (high): User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in…
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2022-22074 — CVSS 8.4 (high): Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2022-22068 — CVSS 8.4 (high): kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto…
CVE-2021-30282 — CVSS 8.4 (high): Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto…
CVE-2021-30281 — CVSS 8.4 (high): Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device…
CVE-2021-30334 — CVSS 8.4 (high): Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30295 — CVSS 8.4 (high): Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto…
CVE-2022-25682 — CVSS 8.4 (high): Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon…
CVE-2021-35105 — CVSS 8.4 (high): Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35112 — CVSS 8.4 (high): A user with user level permission can access graphics protected region due to improper access control in register configuration in…
CVE-2021-30316 — CVSS 8.4 (high): Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity…
CVE-2021-30318 — CVSS 8.4 (high): Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute…
CVE-2022-22080 — CVSS 8.4 (high): Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30335 — CVSS 8.4 (high): Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon…
CVE-2022-22066 — CVSS 8.4 (high): Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30261 — CVSS 8.4 (high): Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in…
CVE-2022-22058 — CVSS 8.4 (high): Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-25695 — CVSS 8.4 (high): Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto…
CVE-2022-25724 — CVSS 8.4 (high): Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30274 — CVSS 8.4 (high): Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto…
CVE-2022-25743 — CVSS 8.4 (high): Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30262 — CVSS 8.4 (high): Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto…
CVE-2020-11285 — CVSS 8.2 (high): Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto…
CVE-2021-30349 — CVSS 8.2 (high): Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2022-22062 — CVSS 8.2 (high): An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35083 — CVSS 8.2 (high): Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon…
CVE-2019-10529 — CVSS 8.1 (high): Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in…
CVE-2020-3624 — CVSS 7.8 (high): u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in…
CVE-2018-11934 — CVSS 7.8 (high): Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon…
CVE-2021-1979 — CVSS 7.8 (high): Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-30254 — CVSS 7.8 (high): Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon…
CVE-2021-30255 — CVSS 7.8 (high): Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30259 — CVSS 7.8 (high): Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30268 — CVSS 7.8 (high): Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon…
CVE-2021-30267 — CVSS 7.8 (high): Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11938 — CVSS 7.8 (high): Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto…
CVE-2018-11939 — CVSS 7.8 (high): Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2022-33248 — CVSS 7.8 (high): Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
CVE-2018-11966 — CVSS 7.8 (high): Undefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2018-11967 — CVSS 7.8 (high): Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library…
CVE-2022-33242 — CVSS 7.8 (high): Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
CVE-2022-33233 — CVSS 7.8 (high): Memory corruption due to configuration weakness in modem wile sending command to write protected files.
CVE-2018-13895 — CVSS 7.8 (high): Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access…
CVE-2018-13899 — CVSS 7.8 (high): Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2018-13900 — CVSS 7.8 (high): Use-after-free vulnerability will occur as there is no protection for the route table`s rule in IPA driver in Snapdragon Auto, Snapdragon…
CVE-2018-11289 — CVSS 7.8 (high): Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in…
CVE-2018-13908 — CVSS 7.8 (high): Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon…
CVE-2018-13913 — CVSS 7.8 (high): Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT…
CVE-2018-13914 — CVSS 7.8 (high): Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer…
CVE-2018-13916 — CVSS 7.8 (high): Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in…
CVE-2018-13918 — CVSS 7.8 (high): kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops…
CVE-2018-13919 — CVSS 7.8 (high): Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in…
CVE-2018-5911 — CVSS 7.8 (high): Buffer overflow in WLAN function due to improper check of buffer size before copying in Snapdragon Auto, Snapdragon Consumer IOT…
CVE-2018-5913 — CVSS 7.8 (high): A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon…
CVE-2022-25705 — CVSS 7.8 (high): Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
CVE-2019-10491 — CVSS 7.8 (high): ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10497 — CVSS 7.8 (high): Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous…
CVE-2019-10498 — CVSS 7.8 (high): Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10501 — CVSS 7.8 (high): Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10507 — CVSS 7.8 (high): Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-10508 — CVSS 7.8 (high): Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-10512 — CVSS 7.8 (high): Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-10518 — CVSS 7.8 (high): Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10524 — CVSS 7.8 (high): Lack of check for a negative value returned for get_clk is wrongly interpreted as valid pointer and lead to use after free in clk driver in…
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10530 — CVSS 7.8 (high): Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT…
CVE-2019-10567 — CVSS 7.8 (high): There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could…
CVE-2019-10600 — CVSS 7.8 (high): Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in…
CVE-2019-10615 — CVSS 7.8 (high): u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-13999 — CVSS 7.8 (high): u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage'…
CVE-2019-14000 — CVSS 7.8 (high): Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and…
CVE-2019-14009 — CVSS 7.8 (high): Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in…
CVE-2019-14018 — CVSS 7.8 (high): Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-14021 — CVSS 7.8 (high): Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and…
CVE-2019-14040 — CVSS 7.8 (high): Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in…
CVE-2022-22072 — CVSS 7.8 (high): Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14050 — CVSS 7.8 (high): Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto…
CVE-2019-14056 — CVSS 7.8 (high): u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon…
CVE-2019-14060 — CVSS 7.8 (high): Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due…
CVE-2019-14065 — CVSS 7.8 (high): u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14076 — CVSS 7.8 (high): Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto…
CVE-2019-14077 — CVSS 7.8 (high): Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…
CVE-2022-22070 — CVSS 7.8 (high): Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2247 — CVSS 7.8 (high): Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global…
CVE-2019-2248 — CVSS 7.8 (high): Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon…
CVE-2019-2257 — CVSS 7.8 (high): Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon…
CVE-2019-2274 — CVSS 7.8 (high): Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2019-2288 — CVSS 7.8 (high): Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto…
CVE-2019-2292 — CVSS 7.8 (high): Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon…
CVE-2019-2298 — CVSS 7.8 (high): Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2299 — CVSS 7.8 (high): An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. in Snapdragon Auto, Snapdragon…
CVE-2019-2306 — CVSS 7.8 (high): Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity…
CVE-2019-2308 — CVSS 7.8 (high): User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote…
CVE-2019-2315 — CVSS 7.8 (high): While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in…
CVE-2019-2321 — CVSS 7.8 (high): Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto…
CVE-2019-2326 — CVSS 7.8 (high): Data token is received from ADSP and is used without validation as an index into the array leads to out of bound access in Snapdragon Auto…