Snapdragon Consumer IOT
by Qualcomm
CVEs (64)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-25681 | 0.00 | — | 0.00 | Dec 13, 2022 | Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2022-25742 | 0.00 | — | 0.00 | Nov 15, 2022 | Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||
| CVE-2022-25727 | 0.00 | — | 0.00 | Nov 15, 2022 | Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||
| CVE-2022-25674 | 0.00 | — | 0.00 | Nov 15, 2022 | Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||
| CVE-2022-25665 | 0.00 | — | 0.00 | Oct 12, 2022 | Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile | |||
| CVE-2022-25661 | 0.00 | — | 0.00 | Oct 12, 2022 | Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2022-22097 | 0.00 | — | 0.00 | Sep 2, 2022 | Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT | |||
| CVE-2021-35097 | 0.00 | — | 0.00 | Sep 2, 2022 | Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | |||
| CVE-2021-30350 | 0.00 | — | 0.00 | Jun 14, 2022 | Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||
| CVE-2021-30342 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-35079 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30309 | 0.00 | — | 0.00 | Feb 11, 2022 | Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30330 | 0.00 | — | 0.01 | Jan 13, 2022 | Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-30300 | 0.00 | — | 0.01 | Jan 13, 2022 | Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial… | |||
| CVE-2021-30283 | 0.00 | — | 0.00 | Jan 3, 2022 | Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30276 | 0.00 | — | 0.00 | Jan 3, 2022 | Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking | |||
| CVE-2021-30273 | 0.00 | — | 0.01 | Jan 3, 2022 | Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||
| CVE-2021-1918 | 0.00 | — | 0.00 | Jan 3, 2022 | Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2020-11263 | 0.00 | — | 0.00 | Jan 3, 2022 | An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||
| CVE-2021-30257 | 0.00 | — | 0.00 | Oct 20, 2021 | Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT |
- CVE-2022-25681Dec 13, 2022risk 0.00cvss —epss 0.00
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2022-25742Nov 15, 2022risk 0.00cvss —epss 0.00
Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
- CVE-2022-25727Nov 15, 2022risk 0.00cvss —epss 0.00
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
- CVE-2022-25674Nov 15, 2022risk 0.00cvss —epss 0.00
Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
- CVE-2022-25665Oct 12, 2022risk 0.00cvss —epss 0.00
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
- CVE-2022-25661Oct 12, 2022risk 0.00cvss —epss 0.00
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2022-22097Sep 2, 2022risk 0.00cvss —epss 0.00
Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT
- CVE-2021-35097Sep 2, 2022risk 0.00cvss —epss 0.00
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- CVE-2021-30350Jun 14, 2022risk 0.00cvss —epss 0.00
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- CVE-2021-30342Jun 14, 2022risk 0.00cvss —epss 0.00
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-35079Jun 14, 2022risk 0.00cvss —epss 0.00
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30309Feb 11, 2022risk 0.00cvss —epss 0.00
Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30330Jan 13, 2022risk 0.00cvss —epss 0.01
Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-30300Jan 13, 2022risk 0.00cvss —epss 0.01
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…
- CVE-2021-30283Jan 3, 2022risk 0.00cvss —epss 0.00
Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30276Jan 3, 2022risk 0.00cvss —epss 0.00
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking
- CVE-2021-30273Jan 3, 2022risk 0.00cvss —epss 0.01
Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- CVE-2021-1918Jan 3, 2022risk 0.00cvss —epss 0.00
Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2020-11263Jan 3, 2022risk 0.00cvss —epss 0.00
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
- CVE-2021-30257Oct 20, 2021risk 0.00cvss —epss 0.00
Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
Page 1 of 4