VYPR

Snapdragon Mobile

by Qualcomm

CVEs (529)

  • CVE-2019-13992HigSep 8, 2020
    risk 0.51cvss 7.8epss 0.00

    u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2020-3701HigJul 30, 2020
    risk 0.51cvss 7.8epss 0.00

    Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

  • CVE-2020-3676HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953,…

  • CVE-2020-3642HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150,…

  • CVE-2020-3613HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

  • CVE-2019-14047HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2019-10597HigJun 22, 2020
    risk 0.51cvss 7.8epss 0.00

    kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996,…

  • CVE-2020-3623HigJun 2, 2020
    risk 0.51cvss 7.8epss 0.00

    kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130

  • CVE-2019-14054HigJun 2, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking…

  • CVE-2019-14135HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2019-14122HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130

  • CVE-2019-14105HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150

  • CVE-2019-14001HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607,…

  • CVE-2019-10624HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2019-10620HigApr 16, 2020
    risk 0.51cvss 7.8epss 0.00

    Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU,…

  • CVE-2019-14032HigMar 5, 2020
    risk 0.51cvss 7.8epss 0.00

    Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in…

  • CVE-2019-14030HigMar 5, 2020
    risk 0.51cvss 7.8epss 0.00

    The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired…

  • CVE-2019-14044HigFeb 7, 2020
    risk 0.51cvss 7.8epss 0.00

    Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24

  • CVE-2019-2267HigJan 21, 2020
    risk 0.51cvss 7.8epss 0.00

    Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired…

  • CVE-2019-14023HigJan 21, 2020
    risk 0.51cvss 7.8epss 0.00

    String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in…

Page 15 of 27