| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table. |
| Memory corruption while processing the update SIM PB records request. |
| memory corruption when WiFi display APIs are invoked with large random inputs. |
| Memory corruption during GNSS HAL process initialization. |
| Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. |
| Memory corruption while station LL statistic handling. |
| Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. |
| Memory corruption while handling IOCTL calls in JPEG Encoder driver. |
| Transient DOS while parsing fragments of MBSSID IE from beacon frame. |
| Transient DOS while parsing BTM ML IE when per STA profile is not included. |
| Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. |
| Memory corruption while processing GPU page table switch. |
| Memory corruption while processing voice packet with arbitrary data received from ADSP. |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. |
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. |
| memory corruption when an invalid firehose patch command is invoked. |
