| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption may occur while validating ports and channels in Audio driver. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Memory corruption while processing video packets received from video firmware. |
| Memory corruption while calling the NPU driver APIs concurrently. |
| Memory corruption when two threads try to map and unmap a single node simultaneously. |
| Memory corruption when user provides data for FM HCI command control operations. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| Memory corruption while processing finish_sign command to pass a rsp buffer. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption when Alternative Frequency offset value is set to 255. |
| Memory corruption in SPS Application while requesting for public key in sorter TA. |
| Transient DOS while handling PS event when Program Service name length offset value is set to 255. |
| Memory corruption while processing API calls to NPU with invalid input. |
| Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. |
| Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. |
| Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. |
| Memory corruption when allocating and accessing an entry in an SMEM partition. |
| Memory corruption while performing finish HMAC operation when context is freed by keymaster. |
| u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 |
