Snapdragon Compute
by Qualcomm
CVEs (251)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11226 | 0.00 | — | 0.01 | Mar 17, 2021 | Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,… | |||
| CVE-2020-11192 | 0.00 | — | 0.01 | Mar 17, 2021 | Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon… | |||
| CVE-2020-11171 | 0.00 | — | 0.01 | Mar 17, 2021 | Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &… | |||
| CVE-2020-11283 | 0.00 | — | 0.01 | Feb 22, 2021 | A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2020-11280 | 0.00 | — | 0.01 | Feb 22, 2021 | Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon… | |||
| CVE-2020-11281 | 0.00 | — | 0.01 | Feb 22, 2021 | Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,… | |||
| CVE-2020-11277 | 0.00 | — | 0.00 | Feb 22, 2021 | Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2020-11275 | 0.00 | — | 0.01 | Feb 22, 2021 | Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial… | |||
| CVE-2020-11271 | 0.00 | — | 0.00 | Feb 22, 2021 | Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon… | |||
| CVE-2020-11269 | 0.00 | — | 0.00 | Feb 22, 2021 | Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | |||
| CVE-2020-11253 | 0.00 | — | 0.00 | Feb 22, 2021 | Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2020-11204 | 0.00 | — | 0.00 | Feb 22, 2021 | Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon… | |||
| CVE-2020-11195 | 0.00 | — | 0.00 | Feb 22, 2021 | Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon… | |||
| CVE-2020-11177 | 0.00 | — | 0.00 | Feb 22, 2021 | User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon… | |||
| CVE-2020-11147 | 0.00 | — | 0.00 | Feb 22, 2021 | Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2020-3691 | 0.00 | — | 0.01 | Jan 21, 2021 | Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &… | |||
| CVE-2020-3686 | 0.00 | — | 0.01 | Jan 21, 2021 | Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… | |||
| CVE-2020-11217 | 0.00 | — | 0.00 | Jan 21, 2021 | A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2020-11214 | 0.00 | — | 0.01 | Jan 21, 2021 | Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon… | |||
| CVE-2020-11213 | 0.00 | — | 0.01 | Jan 21, 2021 | Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… |
- CVE-2020-11226Mar 17, 2021risk 0.00cvss —epss 0.01
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,…
- CVE-2020-11192Mar 17, 2021risk 0.00cvss —epss 0.01
Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…
- CVE-2020-11171Mar 17, 2021risk 0.00cvss —epss 0.01
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &…
- CVE-2020-11283Feb 22, 2021risk 0.00cvss —epss 0.01
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2020-11280Feb 22, 2021risk 0.00cvss —epss 0.01
Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon…
- CVE-2020-11281Feb 22, 2021risk 0.00cvss —epss 0.01
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…
- CVE-2020-11277Feb 22, 2021risk 0.00cvss —epss 0.00
Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2020-11275Feb 22, 2021risk 0.00cvss —epss 0.01
Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…
- CVE-2020-11271Feb 22, 2021risk 0.00cvss —epss 0.00
Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon…
- CVE-2020-11269Feb 22, 2021risk 0.00cvss —epss 0.00
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- CVE-2020-11253Feb 22, 2021risk 0.00cvss —epss 0.00
Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2020-11204Feb 22, 2021risk 0.00cvss —epss 0.00
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon…
- CVE-2020-11195Feb 22, 2021risk 0.00cvss —epss 0.00
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- CVE-2020-11177Feb 22, 2021risk 0.00cvss —epss 0.00
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon…
- CVE-2020-11147Feb 22, 2021risk 0.00cvss —epss 0.00
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2020-3691Jan 21, 2021risk 0.00cvss —epss 0.01
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &…
- CVE-2020-3686Jan 21, 2021risk 0.00cvss —epss 0.01
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
- CVE-2020-11217Jan 21, 2021risk 0.00cvss —epss 0.00
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2020-11214Jan 21, 2021risk 0.00cvss —epss 0.01
Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon…
- CVE-2020-11213Jan 21, 2021risk 0.00cvss —epss 0.01
Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
Page 7 of 13