Qualcomm Sdx24 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sdx24 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2020-3692 — CVSS 9.8 (critical): u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for…
CVE-2019-2307 — CVSS 9.8 (critical): Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon…
CVE-2019-2305 — CVSS 9.8 (critical): Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon…
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2302 — CVSS 9.8 (critical): While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2019-10526 — CVSS 9.8 (critical): Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2289 — CVSS 9.8 (critical): Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto…
CVE-2019-10528 — CVSS 9.8 (critical): Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto…
CVE-2019-2287 — CVSS 9.8 (critical): Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto…
CVE-2019-2283 — CVSS 9.8 (critical): Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon…
CVE-2019-2279 — CVSS 9.8 (critical): Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon…
CVE-2019-10538 — CVSS 9.8 (critical): Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can…
CVE-2019-10539 — CVSS 9.8 (critical): Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon…
CVE-2019-2276 — CVSS 9.8 (critical): Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled…
CVE-2019-2271 — CVSS 9.8 (critical): Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto…
CVE-2019-2269 — CVSS 9.8 (critical): Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon…
CVE-2019-14131 — CVSS 9.8 (critical): Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon…
CVE-2019-14114 — CVSS 9.8 (critical): Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto…
CVE-2019-14113 — CVSS 9.8 (critical): Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in…
CVE-2019-14110 — CVSS 9.8 (critical): Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer…
CVE-2019-14098 — CVSS 9.8 (critical): Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon…
CVE-2019-14095 — CVSS 9.8 (critical): Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon…
CVE-2019-10565 — CVSS 9.8 (critical): Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto…
CVE-2019-14083 — CVSS 9.8 (critical): While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is…
CVE-2019-14080 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon…
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2019-10572 — CVSS 9.8 (critical): Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in…
CVE-2019-10581 — CVSS 9.8 (critical): NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2019-14031 — CVSS 9.8 (critical): Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto…
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2022-40510 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2022-25748 — CVSS 9.8 (critical): Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25720 — CVSS 9.8 (critical): Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35104 — CVSS 9.8 (critical): Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2021-30341 — CVSS 9.8 (critical): Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1975 — CVSS 9.8 (critical): Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2021-1933 — CVSS 9.8 (critical): UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11936 — CVSS 9.8 (critical): Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound…
CVE-2018-11937 — CVSS 9.8 (critical): Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11940 — CVSS 9.8 (critical): Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11949 — CVSS 9.8 (critical): Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11955 — CVSS 9.8 (critical): Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out…
CVE-2021-1919 — CVSS 9.8 (critical): Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2020-3703 — CVSS 9.8 (critical): u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from…
CVE-2019-10614 — CVSS 9.8 (critical): Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2020-3639 — CVSS 9.8 (critical): u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory…
CVE-2018-13898 — CVSS 9.8 (critical): Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2020-3615 — CVSS 9.8 (critical): Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to…
CVE-2020-3614 — CVSS 9.8 (critical): Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto…
CVE-2020-11291 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2020-11192 — CVSS 9.8 (critical): Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11176 — CVSS 9.8 (critical): While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow…
CVE-2020-11170 — CVSS 9.8 (critical): Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in…
CVE-2020-11163 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10493 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2019-2325 — CVSS 9.8 (critical): Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto…
CVE-2019-2324 — CVSS 9.8 (critical): When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2019-2323 — CVSS 9.8 (critical): Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2320 — CVSS 9.8 (critical): Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10505 — CVSS 9.8 (critical): Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto…
CVE-2019-2317 — CVSS 9.8 (critical): The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-2311 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto…
CVE-2021-30275 — CVSS 9.3 (critical): Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto…
CVE-2023-21651 — CVSS 9.3 (critical): Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
CVE-2022-33257 — CVSS 9.3 (critical): Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
CVE-2022-33232 — CVSS 9.3 (critical): Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
CVE-2021-30317 — CVSS 9.3 (critical): Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon…
CVE-2021-30285 — CVSS 9.3 (critical): Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30342 — CVSS 9.1 (critical): Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in…
CVE-2020-11264 — CVSS 9.1 (critical): Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2020-11222 — CVSS 9.1 (critical): Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2020-11276 — CVSS 9.1 (critical): Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P…
CVE-2022-25718 — CVSS 9.1 (critical): Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2020-3634 — CVSS 9.1 (critical): u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon…
CVE-2019-10622 — CVSS 9.1 (critical): Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in…
CVE-2019-10550 — CVSS 9.1 (critical): Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2019-14033 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2019-14020 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/…
CVE-2020-3670 — CVSS 9.1 (critical): u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11269 — CVSS 8.8 (high): Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto…
CVE-2020-11177 — CVSS 8.8 (high): User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in…
CVE-2019-2316 — CVSS 8.8 (high): When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile…
CVE-2020-11303 — CVSS 8.6 (high): Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon…
CVE-2020-11234 — CVSS 8.4 (high): When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting…
CVE-2020-11245 — CVSS 8.4 (high): Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon…
CVE-2020-11267 — CVSS 8.4 (high): Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto…
CVE-2020-11284 — CVSS 8.4 (high): Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region…
CVE-2021-1886 — CVSS 8.4 (high): Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon…
CVE-2021-1889 — CVSS 8.4 (high): Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1890 — CVSS 8.4 (high): Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1891 — CVSS 8.4 (high): A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon…
CVE-2021-1912 — CVSS 8.4 (high): Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon…
CVE-2021-1913 — CVSS 8.4 (high): Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1927 — CVSS 8.4 (high): Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1932 — CVSS 8.4 (high): Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in…
CVE-2021-1939 — CVSS 8.4 (high): Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon…
CVE-2021-30260 — CVSS 8.4 (high): Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist…
CVE-2021-30261 — CVSS 8.4 (high): Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in…
CVE-2021-30262 — CVSS 8.4 (high): Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto…
CVE-2021-30274 — CVSS 8.4 (high): Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto…
CVE-2021-30281 — CVSS 8.4 (high): Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device…
CVE-2021-30282 — CVSS 8.4 (high): Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto…
CVE-2021-30288 — CVSS 8.4 (high): Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon…
CVE-2021-30318 — CVSS 8.4 (high): Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30334 — CVSS 8.4 (high): Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30335 — CVSS 8.4 (high): Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon…
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2021-35105 — CVSS 8.4 (high): Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-35112 — CVSS 8.4 (high): A user with user level permission can access graphics protected region due to improper access control in register configuration in…
CVE-2022-22058 — CVSS 8.4 (high): Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-22066 — CVSS 8.4 (high): Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2022-22074 — CVSS 8.4 (high): Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2022-25661 — CVSS 8.4 (high): Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2022-25681 — CVSS 8.4 (high): Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation…
CVE-2022-25682 — CVSS 8.4 (high): Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon…
CVE-2022-25695 — CVSS 8.4 (high): Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto…
CVE-2022-25724 — CVSS 8.4 (high): Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-25743 — CVSS 8.4 (high): Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-40531 — CVSS 8.4 (high): Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2021-30349 — CVSS 8.2 (high): Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto…
CVE-2022-33235 — CVSS 8.2 (high): Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2022-22062 — CVSS 8.2 (high): An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35083 — CVSS 8.2 (high): Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon…
CVE-2022-33268 — CVSS 8.2 (high): Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11285 — CVSS 8.2 (high): Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2019-10494 — CVSS 8.1 (high): Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon…
CVE-2022-25746 — CVSS 8.1 (high): Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
CVE-2019-10529 — CVSS 8.1 (high): Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in…
CVE-2019-10567 — CVSS 7.8 (high): There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could…
CVE-2019-14088 — CVSS 7.8 (high): Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…
CVE-2019-10564 — CVSS 7.8 (high): Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto…
CVE-2019-10563 — CVSS 7.8 (high): Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon…
CVE-2019-14099 — CVSS 7.8 (high): Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto…
CVE-2019-10562 — CVSS 7.8 (high): u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be…
CVE-2019-10558 — CVSS 7.8 (high): While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in…
CVE-2019-10556 — CVSS 7.8 (high): Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some…
CVE-2019-10555 — CVSS 7.8 (high): Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon…
CVE-2019-14135 — CVSS 7.8 (high): Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2246 — CVSS 7.8 (high): Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon…
CVE-2019-2247 — CVSS 7.8 (high): Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global…
CVE-2019-2251 — CVSS 7.8 (high): If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer…
CVE-2019-2257 — CVSS 7.8 (high): Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon…
CVE-2019-2264 — CVSS 7.8 (high): Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2019-2266 — CVSS 7.8 (high): Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon…
CVE-2019-10547 — CVSS 7.8 (high): When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto…
CVE-2019-10544 — CVSS 7.8 (high): Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon…
CVE-2019-2277 — CVSS 7.8 (high): Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10536 — CVSS 7.8 (high): Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on…
CVE-2019-2281 — CVSS 7.8 (high): An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute…
CVE-2019-10530 — CVSS 7.8 (high): Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT…