Snapdragon Mobile
by Qualcomm
CVEs (529)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13992 | Hig | 0.51 | 7.8 | 0.00 | Sep 8, 2020 | u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | ||
| CVE-2020-3701 | Hig | 0.51 | 7.8 | 0.00 | Jul 30, 2020 | Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130 | ||
| CVE-2020-3676 | Hig | 0.51 | 7.8 | 0.00 | Jun 22, 2020 | Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953,… | ||
| CVE-2020-3642 | Hig | 0.51 | 7.8 | 0.00 | Jun 22, 2020 | Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150,… | ||
| CVE-2020-3613 | Hig | 0.51 | 7.8 | 0.00 | Jun 22, 2020 | Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150 | ||
| CVE-2019-14047 | Hig | 0.51 | 7.8 | 0.00 | Jun 22, 2020 | While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,… | ||
| CVE-2019-10597 | Hig | 0.51 | 7.8 | 0.00 | Jun 22, 2020 | kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996,… | ||
| CVE-2020-3623 | Hig | 0.51 | 7.8 | 0.00 | Jun 2, 2020 | kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130 | ||
| CVE-2019-14054 | Hig | 0.51 | 7.8 | 0.00 | Jun 2, 2020 | Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking… | ||
| CVE-2019-14135 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… | ||
| CVE-2019-14122 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130 | ||
| CVE-2019-14105 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150 | ||
| CVE-2019-14001 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607,… | ||
| CVE-2019-10624 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon… | ||
| CVE-2019-10620 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2020 | Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU,… | ||
| CVE-2019-14032 | Hig | 0.51 | 7.8 | 0.00 | Mar 5, 2020 | Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in… | ||
| CVE-2019-14030 | Hig | 0.51 | 7.8 | 0.00 | Mar 5, 2020 | The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired… | ||
| CVE-2019-14044 | Hig | 0.51 | 7.8 | 0.00 | Feb 7, 2020 | Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24 | ||
| CVE-2019-2267 | Hig | 0.51 | 7.8 | 0.00 | Jan 21, 2020 | Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired… | ||
| CVE-2019-14023 | Hig | 0.51 | 7.8 | 0.00 | Jan 21, 2020 | String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in… |
- risk 0.51cvss 7.8epss 0.00
u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- risk 0.51cvss 7.8epss 0.00
Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130
- risk 0.51cvss 7.8epss 0.00
Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953,…
- risk 0.51cvss 7.8epss 0.00
Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150,…
- risk 0.51cvss 7.8epss 0.00
Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150
- risk 0.51cvss 7.8epss 0.00
While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…
- risk 0.51cvss 7.8epss 0.00
kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996,…
- risk 0.51cvss 7.8epss 0.00
kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130
- risk 0.51cvss 7.8epss 0.00
Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking…
- risk 0.51cvss 7.8epss 0.00
Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
- risk 0.51cvss 7.8epss 0.00
Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130
- risk 0.51cvss 7.8epss 0.00
Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150
- risk 0.51cvss 7.8epss 0.00
Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607,…
- risk 0.51cvss 7.8epss 0.00
While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon…
- risk 0.51cvss 7.8epss 0.00
Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU,…
- risk 0.51cvss 7.8epss 0.00
Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in…
- risk 0.51cvss 7.8epss 0.00
The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired…
- risk 0.51cvss 7.8epss 0.00
Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24
- risk 0.51cvss 7.8epss 0.00
Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired…
- risk 0.51cvss 7.8epss 0.00
String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in…
Page 15 of 27