| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. |
| Memory corruption in display due to double free while allocating frame buffer memory |
| Denial of service while processing fastboot flash command on mmc due to buffer over read |
| Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data. |
| Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed. |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
| Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. |
| Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. |
| Memory corruption in WLAN HAL while handling command streams through WMI interfaces. |
| Memory corruption due to double free in Core while mapping HLOS address to the list. |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
| Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. |
| Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. |
| Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. |
| Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. |
