Qualcomm Pm3003a Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Pm3003a Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (90)
CVE-2020-11272 — CVSS 9.8 (critical): Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2020-11170 — CVSS 9.8 (critical): Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in…
CVE-2020-11163 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the…
CVE-2020-11299 — CVSS 9.8 (critical): Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2020-11134 — CVSS 9.8 (critical): Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup…
CVE-2020-11192 — CVSS 9.8 (critical): Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11182 — CVSS 9.8 (critical): Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11222 — CVSS 9.1 (critical): Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2020-11276 — CVSS 9.1 (critical): Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11126 — CVSS 9.1 (critical): Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11177 — CVSS 8.8 (high): User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in…
CVE-2020-11269 — CVSS 8.8 (high): Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto…
CVE-2020-11260 — CVSS 8.4 (high): An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11234 — CVSS 8.4 (high): When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting…
CVE-2020-11236 — CVSS 8.4 (high): Memory corruption due to invalid value of total dimension in the non-histogram type KPI could lead to a denial of service in Snapdragon…
CVE-2020-11237 — CVSS 8.4 (high): Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in…
CVE-2020-11246 — CVSS 8.4 (high): A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11245 — CVSS 8.4 (high): Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon…
CVE-2021-1927 — CVSS 8.4 (high): Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11284 — CVSS 8.4 (high): Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region…
CVE-2021-1891 — CVSS 8.4 (high): A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11247 — CVSS 8.2 (high): Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11285 — CVSS 8.2 (high): Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto…
CVE-2020-11194 — CVSS 7.8 (high): Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon…
CVE-2020-11165 — CVSS 7.8 (high): Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in…
CVE-2020-11178 — CVSS 7.8 (high): Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its…
CVE-2020-11181 — CVSS 7.8 (high): Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in…
CVE-2020-11195 — CVSS 7.8 (high): Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in…
CVE-2020-11204 — CVSS 7.8 (high): Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters…
CVE-2020-11223 — CVSS 7.8 (high): Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon…
CVE-2020-11235 — CVSS 7.8 (high): Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon…
CVE-2020-11239 — CVSS 7.8 (high): Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in…
CVE-2020-11240 — CVSS 7.8 (high): Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy…
CVE-2020-11253 — CVSS 7.8 (high): Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11271 — CVSS 7.8 (high): Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11288 — CVSS 7.8 (high): Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11289 — CVSS 7.8 (high): Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11309 — CVSS 7.8 (high): Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto…
CVE-2021-1915 — CVSS 7.8 (high): Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11255 — CVSS 7.5 (high): Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of…
CVE-2020-11238 — CVSS 7.5 (high): Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11241 — CVSS 7.5 (high): Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon…
CVE-2020-11243 — CVSS 7.5 (high): RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service…
CVE-2020-11226 — CVSS 7.5 (high): Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11270 — CVSS 7.5 (high): Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter…
CVE-2021-1925 — CVSS 7.5 (high): Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11297 — CVSS 7.5 (high): Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto…
CVE-2020-11273 — CVSS 7.5 (high): Histogram type KPI was teardown with the assumption of the existence of histogram binning info and will lead to null pointer access when…
CVE-2020-11274 — CVSS 7.5 (high): Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2020-11218 — CVSS 7.5 (high): Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon…
CVE-2020-11296 — CVSS 7.5 (high): Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11119 — CVSS 7.5 (high): Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto…
CVE-2020-11278 — CVSS 7.5 (high): Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11279 — CVSS 7.5 (high): Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto…
CVE-2020-11280 — CVSS 7.5 (high): Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to…
CVE-2020-11281 — CVSS 7.5 (high): Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in…
CVE-2020-11277 — CVSS 7.4 (high): Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in…
CVE-2021-1910 — CVSS 7.3 (high): Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
CVE-2020-11252 — CVSS 7.2 (high): Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto…
CVE-2020-11161 — CVSS 7.1 (high): Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon…
CVE-2020-11290 — CVSS 7.0 (high): Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon…
CVE-2020-11250 — CVSS 7.0 (high): Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11262 — CVSS 7.0 (high): A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free…
CVE-2021-1895 — CVSS 6.8 (medium): Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT…
CVE-2020-11308 — CVSS 6.8 (medium): Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto…
CVE-2020-11295 — CVSS 6.8 (medium): Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto…
CVE-2020-11198 — CVSS 6.7 (medium): Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset…
CVE-2020-11147 — CVSS 6.7 (medium): Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in…
CVE-2020-11160 — CVSS 6.7 (medium): Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in…
CVE-2020-11231 — CVSS 6.7 (medium): Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap…
CVE-2020-11230 — CVSS 6.4 (medium): Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address…
CVE-2020-3664 — CVSS 6.0 (medium): Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon…
CVE-2020-11294 — CVSS 5.9 (medium): Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11199 — CVSS 5.5 (medium): HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in…
CVE-2020-11221 — CVSS 5.5 (medium): Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient…
CVE-2020-11186 — CVSS 5.5 (medium): Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in…
CVE-2020-11293 — CVSS 5.1 (medium): Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in…