| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS due to buffer over-read in WLAN Host while parsing frame information. |
| Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed. |
| Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs. |
| Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM. |
| Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. |
| Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity. |
| Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. |
| Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. |
| Information disclosure due to buffer over-read in WLAN while parsing NMF frame. |
| Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. |
| Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. |
| Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. |
| Memory corruption in Audio due to incorrect type cast during audio use-cases. |
| Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory. |
| Memory corruption due to double free in core while initializing the encryption key. |
| Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host |
| Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file. |
| Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
| Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. |
| Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
