| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. |
| Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. |
| Memory corruption due to use after free in Modem while modem initialization. |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. |
| Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. |
| Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. |
| Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. |
| Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. |
| Memory corruption in Linux while sending DRM request. |
| Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. |
| Transient DOS due to reachable assertion in Modem because of invalid network configuration. |
| Memory corruption due to double free in core while initializing the encryption key. |
| Memory corruption in Linux android due to double free while calling unregister provider after register call. |
| Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key. |
| information disclosure due to cryptographic issue in Core during RPMB read request. |
| Assertion occurs while processing Reconfiguration message due to improper validation |
| Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music |
| u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent to InvalidConnectionRequest(CVE-2019-19193) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, AR9344, Bitra, IPQ5018, Kamorta, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA9377, QCA9886, QCM6125, QCN7605, QCS404, QCS405, QCS605, QCS610, QRB5165, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 |
| Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130 |
| Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCA9531, QCA9558, QCA9980, SC8180X, SDM439, SDX55, SM8150, SM8250, SXR2130 |
