Snapdragon
by Qualcomm
CVEs (937)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-30270 | Hig | 0.47 | 7.3 | 0.00 | Jan 3, 2022 | Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2021-1909 | Hig | 0.47 | 7.3 | 0.00 | Sep 9, 2021 | Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon… | ||
| CVE-2021-1910 | Hig | 0.47 | 7.3 | 0.01 | May 7, 2021 | Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2020-11252 | Hig | 0.47 | 7.2 | 0.00 | Apr 7, 2021 | Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,… | ||
| CVE-2019-10495 | Hig | 0.47 | 7.3 | 0.00 | Nov 6, 2019 | Arbitrary buffer write issue while processing sequence header during HEVC or AVC encoding. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in… | ||
| CVE-2021-35101 | Hig | 0.46 | 7.1 | 0.00 | Jun 14, 2022 | Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | ||
| CVE-2021-30283 | Hig | 0.46 | 7.1 | 0.00 | Jan 3, 2022 | Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | ||
| CVE-2021-30278 | Hig | 0.46 | 7.1 | 0.00 | Jan 3, 2022 | Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and… | ||
| CVE-2021-1894 | Hig | 0.46 | 7.1 | 0.00 | Jan 3, 2022 | Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and… | ||
| CVE-2021-1935 | Hig | 0.46 | 7.1 | 0.00 | Sep 9, 2021 | Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2020-11262 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2021 | A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… | ||
| CVE-2020-11250 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2021 | Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon… | ||
| CVE-2020-11233 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2021 | Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | ||
| CVE-2020-11161 | Hig | 0.46 | 7.1 | 0.00 | Jun 9, 2021 | Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | ||
| CVE-2020-11290 | Hig | 0.46 | 7.0 | 0.00 | Mar 17, 2021 | Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||
| CVE-2020-11203 | Hig | 0.46 | 7.1 | 0.00 | Feb 22, 2021 | Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||
| CVE-2020-11132 | Hig | 0.46 | 7.1 | 0.00 | Nov 12, 2020 | u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure… | ||
| CVE-2020-11173 | Hig | 0.46 | 7.0 | 0.00 | Nov 2, 2020 | u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2020-3619 | Hig | 0.46 | 7.0 | 0.00 | Sep 8, 2020 | u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… | ||
| CVE-2019-14119 | Hig | 0.46 | 7.0 | 0.00 | Sep 8, 2020 | u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… |
- risk 0.47cvss 7.3epss 0.00
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon…
- risk 0.47cvss 7.3epss 0.00
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon…
- risk 0.47cvss 7.3epss 0.01
Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.47cvss 7.2epss 0.00
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…
- risk 0.47cvss 7.3epss 0.00
Arbitrary buffer write issue while processing sequence header during HEVC or AVC encoding. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in…
- risk 0.46cvss 7.1epss 0.00
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile
- risk 0.46cvss 7.1epss 0.00
Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- risk 0.46cvss 7.1epss 0.00
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and…
- risk 0.46cvss 7.1epss 0.00
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and…
- risk 0.46cvss 7.1epss 0.00
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon…
- risk 0.46cvss 7.0epss 0.00
A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
- risk 0.46cvss 7.0epss 0.00
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon…
- risk 0.46cvss 7.0epss 0.00
Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- risk 0.46cvss 7.1epss 0.00
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- risk 0.46cvss 7.0epss 0.00
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- risk 0.46cvss 7.1epss 0.00
Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- risk 0.46cvss 7.1epss 0.00
u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure…
- risk 0.46cvss 7.0epss 0.00
u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…
- risk 0.46cvss 7.0epss 0.00
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
- risk 0.46cvss 7.0epss 0.00
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
Page 39 of 47