Snapdragon Compute
by Qualcomm
CVEs (251)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-35097 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2022 | Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | ||
| CVE-2022-22087 | Hig | 0.47 | 7.3 | 0.01 | Jun 14, 2022 | memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2021-30271 | Hig | 0.47 | 7.3 | 0.00 | Jan 3, 2022 | Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | ||
| CVE-2021-30269 | Hig | 0.47 | 7.3 | 0.00 | Jan 3, 2022 | Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music,… | ||
| CVE-2020-11263 | Hig | 0.47 | 7.3 | 0.00 | Jan 3, 2022 | An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | ||
| CVE-2021-30338 | Hig | 0.46 | 7.1 | 0.00 | Jun 14, 2022 | Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute | ||
| CVE-2021-30278 | Hig | 0.46 | 7.1 | 0.00 | Jan 3, 2022 | Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and… | ||
| CVE-2021-1935 | Hig | 0.46 | 7.1 | 0.00 | Sep 9, 2021 | Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2020-11161 | Hig | 0.46 | 7.1 | 0.00 | Jun 9, 2021 | Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | ||
| CVE-2020-11132 | Hig | 0.46 | 7.1 | 0.00 | Nov 12, 2020 | u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure… | ||
| CVE-2020-3617 | Hig | 0.46 | 7.1 | 0.00 | Sep 9, 2020 | u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta,… | ||
| CVE-2019-14101 | Hig | 0.46 | 7.1 | 0.00 | Jul 30, 2020 | Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer… | ||
| CVE-2019-14104 | Hig | 0.46 | 7.1 | 0.00 | Apr 16, 2020 | Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, SC8180X, SDX55, SM8150 | ||
| CVE-2019-2284 | Hig | 0.46 | 7.0 | 0.00 | Sep 30, 2019 | Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215,… | ||
| CVE-2019-2314 | Hig | 0.46 | 7.0 | 0.00 | Jul 25, 2019 | Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405,… | ||
| CVE-2018-13909 | Hig | 0.46 | 7.0 | 0.00 | Jun 14, 2019 | Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial… | ||
| CVE-2022-25666 | Med | 0.44 | 6.7 | 0.00 | Oct 19, 2022 | Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | ||
| CVE-2022-25665 | Med | 0.44 | 6.8 | 0.00 | Oct 19, 2022 | Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile | ||
| CVE-2021-35120 | Med | 0.44 | 6.7 | 0.00 | Jun 14, 2022 | Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||
| CVE-2021-35098 | Med | 0.44 | 6.7 | 0.00 | Jun 14, 2022 | Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
- risk 0.47cvss 7.3epss 0.00
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- risk 0.47cvss 7.3epss 0.01
memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.47cvss 7.3epss 0.00
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- risk 0.47cvss 7.3epss 0.00
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music,…
- risk 0.47cvss 7.3epss 0.00
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
- risk 0.46cvss 7.1epss 0.00
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute
- risk 0.46cvss 7.1epss 0.00
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and…
- risk 0.46cvss 7.1epss 0.00
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon…
- risk 0.46cvss 7.1epss 0.00
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- risk 0.46cvss 7.1epss 0.00
u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure…
- risk 0.46cvss 7.1epss 0.00
u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta,…
- risk 0.46cvss 7.1epss 0.00
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…
- risk 0.46cvss 7.1epss 0.00
Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, SC8180X, SDX55, SM8150
- risk 0.46cvss 7.0epss 0.00
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215,…
- risk 0.46cvss 7.0epss 0.00
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405,…
- risk 0.46cvss 7.0epss 0.00
Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…
- risk 0.44cvss 6.7epss 0.00
Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
- risk 0.44cvss 6.8epss 0.00
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
- risk 0.44cvss 6.7epss 0.00
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- risk 0.44cvss 6.7epss 0.00
Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Page 11 of 13