| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. |
| Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data. |
| Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed. |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
| Memory corruption in WLAN HAL while handling command streams through WMI interfaces. |
| Crafted Binder Request Causes Heap UAF in MediaServer |
| A race condition exists in a driver potentially leading to a use-after-free condition. |
| Transient DOS while handling PS event when Program Service name length offset value is set to 255. |
| Memory corruption while processing API calls to NPU with invalid input. |
| Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. |
| Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. |
| Memory corruption while performing finish HMAC operation when context is freed by keymaster. |
| Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. |
| Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. |
| Memory corruption while allocating memory in COmxApeDec module in Audio. |
