Qualcomm Sd 675 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sd 675 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2018-11937 — CVSS 9.8 (critical): Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1933 — CVSS 9.8 (critical): UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2258 — CVSS 9.8 (critical): Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2256 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2022-22088 — CVSS 9.8 (critical): Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
CVE-2021-30341 — CVSS 9.8 (critical): Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2245 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2249 — CVSS 9.8 (critical): Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1919 — CVSS 9.8 (critical): Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2252 — CVSS 9.8 (critical): Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto…
CVE-2019-2253 — CVSS 9.8 (critical): Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity…
CVE-2019-2254 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2255 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-2323 — CVSS 9.8 (critical): Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2307 — CVSS 9.8 (critical): Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon…
CVE-2019-2305 — CVSS 9.8 (critical): Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon…
CVE-2020-11134 — CVSS 9.8 (critical): Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup…
CVE-2020-11307 — CVSS 9.8 (critical): Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2294 — CVSS 9.8 (critical): Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge…
CVE-2020-11163 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the…
CVE-2019-2287 — CVSS 9.8 (critical): Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto…
CVE-2019-2285 — CVSS 9.8 (critical): Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon…
CVE-2019-2283 — CVSS 9.8 (critical): Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon…
CVE-2020-11176 — CVSS 9.8 (critical): While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow…
CVE-2019-2279 — CVSS 9.8 (critical): Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon…
CVE-2020-11182 — CVSS 9.8 (critical): Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon…
CVE-2022-25748 — CVSS 9.8 (critical): Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute…
CVE-2018-13924 — CVSS 9.8 (critical): Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute…
CVE-2018-13911 — CVSS 9.8 (critical): Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35104 — CVSS 9.8 (critical): Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2324 — CVSS 9.8 (critical): When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary…
CVE-2019-2325 — CVSS 9.8 (critical): Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto…
CVE-2018-13904 — CVSS 9.8 (critical): Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2020-11291 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of…
CVE-2019-10509 — CVSS 9.8 (critical): Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2327 — CVSS 9.8 (critical): Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13898 — CVSS 9.8 (critical): Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2018-11271 — CVSS 9.8 (critical): Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2021-1975 — CVSS 9.8 (critical): Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2018-13887 — CVSS 9.8 (critical): Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2019-2276 — CVSS 9.8 (critical): Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1965 — CVSS 9.8 (critical): Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11299 — CVSS 9.8 (critical): Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2019-2322 — CVSS 9.8 (critical): Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-10522 — CVSS 9.8 (critical): While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10505 — CVSS 9.8 (critical): Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto…
CVE-2022-40510 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2022-40514 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2019-2259 — CVSS 9.8 (critical): Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon…
CVE-2022-22096 — CVSS 9.8 (critical): Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in…
CVE-2022-25720 — CVSS 9.8 (critical): Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10528 — CVSS 9.8 (critical): Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto…
CVE-2021-1946 — CVSS 9.8 (critical): Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11945 — CVSS 9.8 (critical): Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in…
CVE-2019-10533 — CVSS 9.8 (critical): Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon…
CVE-2019-10534 — CVSS 9.8 (critical): Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon…
CVE-2019-10538 — CVSS 9.8 (critical): Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can…
CVE-2019-10539 — CVSS 9.8 (critical): Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon…
CVE-2019-10540 — CVSS 9.8 (critical): Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto…
CVE-2019-10541 — CVSS 9.8 (critical): Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon…
CVE-2020-11192 — CVSS 9.8 (critical): Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30317 — CVSS 9.3 (critical): Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon…
CVE-2022-33232 — CVSS 9.3 (critical): Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
CVE-2021-30285 — CVSS 9.3 (critical): Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30275 — CVSS 9.3 (critical): Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto…
CVE-2022-33257 — CVSS 9.3 (critical): Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
CVE-2022-33288 — CVSS 9.3 (critical): Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection…
CVE-2021-35122 — CVSS 9.3 (critical): Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon…
CVE-2021-1942 — CVSS 9.3 (critical): Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30342 — CVSS 9.1 (critical): Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in…
CVE-2021-30343 — CVSS 9.1 (critical): Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in…
CVE-2020-11126 — CVSS 9.1 (critical): Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11222 — CVSS 9.1 (critical): Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30347 — CVSS 9.1 (critical): Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in…
CVE-2018-11932 — CVSS 9.1 (critical): Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11264 — CVSS 9.1 (critical): Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2316 — CVSS 8.8 (high): When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile…
CVE-2021-1886 — CVSS 8.4 (high): Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon…
CVE-2022-25681 — CVSS 8.4 (high): Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation…
CVE-2022-25682 — CVSS 8.4 (high): Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon…
CVE-2022-25695 — CVSS 8.4 (high): Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto…
CVE-2022-25696 — CVSS 8.4 (high): Memory corruption in display due to time-of-check time-of-use race condition during map or unmap in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25724 — CVSS 8.4 (high): Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-25743 — CVSS 8.4 (high): Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-33214 — CVSS 8.4 (high): Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-40532 — CVSS 8.4 (high): Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2022-33277 — CVSS 8.4 (high): Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2022-40531 — CVSS 8.4 (high): Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2022-40530 — CVSS 8.4 (high): Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2022-33307 — CVSS 8.4 (high): Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
CVE-2020-11246 — CVSS 8.4 (high): A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute…
CVE-2023-33119 — CVSS 8.4 (high): Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
CVE-2020-11260 — CVSS 8.4 (high): An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11267 — CVSS 8.4 (high): Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto…
CVE-2022-25661 — CVSS 8.4 (high): Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2021-1888 — CVSS 8.4 (high): Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1889 — CVSS 8.4 (high): Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1890 — CVSS 8.4 (high): Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1917 — CVSS 8.4 (high): Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1932 — CVSS 8.4 (high): Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in…
CVE-2021-1934 — CVSS 8.4 (high): Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in…
CVE-2021-1939 — CVSS 8.4 (high): Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon…
CVE-2021-1940 — CVSS 8.4 (high): Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2021-1949 — CVSS 8.4 (high): Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1983 — CVSS 8.4 (high): Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto…
CVE-2021-1984 — CVSS 8.4 (high): Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon…
CVE-2021-1985 — CVSS 8.4 (high): Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30256 — CVSS 8.4 (high): Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute…
CVE-2021-30257 — CVSS 8.4 (high): Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon…
CVE-2021-30258 — CVSS 8.4 (high): Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30260 — CVSS 8.4 (high): Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist…
CVE-2021-30261 — CVSS 8.4 (high): Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in…
CVE-2021-30262 — CVSS 8.4 (high): Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto…
CVE-2021-30274 — CVSS 8.4 (high): Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto…
CVE-2021-30281 — CVSS 8.4 (high): Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device…
CVE-2021-30282 — CVSS 8.4 (high): Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto…
CVE-2021-30288 — CVSS 8.4 (high): Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon…
CVE-2021-30291 — CVSS 8.4 (high): Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30292 — CVSS 8.4 (high): Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30295 — CVSS 8.4 (high): Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto…
CVE-2021-30297 — CVSS 8.4 (high): Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto…
CVE-2021-30316 — CVSS 8.4 (high): Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity…
CVE-2021-30318 — CVSS 8.4 (high): Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30334 — CVSS 8.4 (high): Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30335 — CVSS 8.4 (high): Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon…
CVE-2021-30336 — CVSS 8.4 (high): Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon…
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2021-30350 — CVSS 8.4 (high): Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35068 — CVSS 8.4 (high): Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in…
CVE-2021-35105 — CVSS 8.4 (high): Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35132 — CVSS 8.4 (high): Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22059 — CVSS 8.4 (high): Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2022-22066 — CVSS 8.4 (high): Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2022-22068 — CVSS 8.4 (high): kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto…
CVE-2022-22074 — CVSS 8.4 (high): Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2022-22080 — CVSS 8.4 (high): Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22082 — CVSS 8.4 (high): Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon…
CVE-2022-22084 — CVSS 8.4 (high): Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22085 — CVSS 8.4 (high): Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35083 — CVSS 8.2 (high): Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon…