Qualcomm MSM8108

CPE Details

Qualcomm MSM8108
-
2020-12-21
12h45 +00:00
2020-12-21
12h45 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*

Informations

Vendor

qualcomm

Product

msm8108

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-43052 2024-12-02 10h18 +00:00 Memory corruption while processing API calls to NPU with invalid input.
7.8
Haute
CVE-2024-33056 2024-12-02 10h18 +00:00 Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
8.4
Haute
CVE-2024-38423 2024-11-04 10h05 +00:00 Memory corruption while processing GPU page table switch.
7.8
Haute
CVE-2024-38422 2024-11-04 10h04 +00:00 Memory corruption while processing voice packet with arbitrary data received from ADSP.
7.8
Haute
CVE-2024-23385 2024-11-04 10h04 +00:00 Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
7.5
Haute
CVE-2024-33052 2024-09-02 10h22 +00:00 Memory corruption when user provides data for FM HCI command control operations.
7.8
Haute
CVE-2024-33043 2024-09-02 10h22 +00:00 Transient DOS while handling PS event when Program Service name length offset value is set to 255.
5.5
Moyen
CVE-2024-33042 2024-09-02 10h22 +00:00 Memory corruption when Alternative Frequency offset value is set to 255.
7.8
Haute
CVE-2024-23353 2024-08-05 14h21 +00:00 Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
7.5
Haute
CVE-2023-43551 2024-06-03 10h05 +00:00 Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
9.1
Critique
CVE-2024-21468 2024-04-01 15h06 +00:00 Memory corruption when there is failed unmap operation in GPU.
8.4
Haute
CVE-2023-33066 2024-03-04 10h48 +00:00 Memory corruption in Audio while processing RT proxy port register driver.
8.4
Haute
CVE-2023-33120 2024-01-02 05h38 +00:00 Memory corruption in Audio when memory map command is executed consecutively in ADSP.
7.8
Haute
CVE-2023-33033 2024-01-02 05h38 +00:00 Memory corruption in Audio during playback with speaker protection.
8.4
Haute
CVE-2023-33030 2024-01-02 05h38 +00:00 Memory corruption in HLOS while running playready use-case.
9.3
Critique
CVE-2023-33107 2023-12-05 03h04 +00:00 Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
8.4
Haute
CVE-2023-33018 2023-12-05 03h04 +00:00 Memory corruption while using the UIM diag command to get the operators name.
7.8
Haute
CVE-2023-33017 2023-12-05 03h03 +00:00 Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
7.8
Haute
CVE-2023-28588 2023-12-05 03h03 +00:00 Transient DOS in Bluetooth Host while rfc slot allocation.
7.5
Haute
CVE-2023-28586 2023-12-05 03h03 +00:00 Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
6.5
Moyen
CVE-2023-28551 2023-12-05 03h03 +00:00 Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
7.8
Haute
CVE-2023-28550 2023-12-05 03h03 +00:00 Memory corruption in MPP performance while accessing DSM watermark using external memory address.
7.8
Haute
CVE-2023-33059 2023-11-07 05h26 +00:00 Memory corruption in Audio while processing the VOC packet data from ADSP.
7.8
Haute
CVE-2023-33031 2023-11-07 05h26 +00:00 Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
7.8
Haute
CVE-2023-22388 2023-11-07 05h26 +00:00 Memory Corruption in Multi-mode Call Processor while processing bit mask API.
9.8
Critique
CVE-2023-24849 2023-10-03 05h00 +00:00 Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
8.2
Haute
CVE-2023-24848 2023-10-03 05h00 +00:00 Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
8.2
Haute
CVE-2023-22385 2023-10-03 05h00 +00:00 Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
9.8
Critique
CVE-2023-33020 2023-09-05 06h24 +00:00 Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.
7.5
Haute
CVE-2023-33019 2023-09-05 06h24 +00:00 Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
7.5
Haute
CVE-2023-28537 2023-08-08 09h15 +00:00 Memory corruption while allocating memory in COmxApeDec module in Audio.
8.4
Haute
CVE-2023-22666 2023-08-08 09h15 +00:00 Memory Corruption in Audio while playing amrwbplus clips with modified content.
8.4
Haute
CVE-2023-21626 2023-08-08 09h14 +00:00 Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
7.1
Haute
CVE-2023-21625 2023-08-08 09h14 +00:00 Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
8.2
Haute
CVE-2022-40510 2023-08-08 09h14 +00:00 Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
9.8
Critique
CVE-2023-22667 2023-07-04 04h46 +00:00 Memory Corruption in Audio while allocating the ion buffer during the music playback.
8.4
Haute
CVE-2023-21631 2023-07-04 04h46 +00:00 Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
9.8
Critique
CVE-2023-21629 2023-07-04 04h46 +00:00 Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
6.8
Moyen
CVE-2022-40521 2023-06-06 07h38 +00:00 Transient DOS due to improper authorization in Modem
7.5
Haute
CVE-2022-40507 2023-06-06 07h38 +00:00 Memory corruption due to double free in Core while mapping HLOS address to the list.
8.4
Haute
CVE-2022-33264 2023-06-06 07h38 +00:00 Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
7.9
Haute
CVE-2022-22076 2023-06-06 07h38 +00:00 information disclosure due to cryptographic issue in Core during RPMB read request.
7.1
Haute
CVE-2023-21666 2023-05-02 05h08 +00:00 Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
8.4
Haute
CVE-2023-21665 2023-05-02 05h08 +00:00 Memory corruption in Graphics while importing a file.
8.4
Haute
CVE-2022-40532 2023-04-04 04h46 +00:00 Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4
Haute
CVE-2022-40503 2023-04-04 04h46 +00:00 Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
8.2
Haute
CVE-2022-33302 2023-04-04 04h46 +00:00 Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
7.8
Haute
CVE-2022-33289 2023-04-04 04h46 +00:00 Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8
Moyen
CVE-2022-33231 2023-04-04 04h46 +00:00 Memory corruption due to double free in core while initializing the encryption key.
9.3
Critique
CVE-2022-40537 2023-03-07 04h43 +00:00 Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
9.8
Critique
CVE-2022-40515 2023-03-07 04h43 +00:00 Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
9.8
Critique
CVE-2022-33213 2023-03-07 04h43 +00:00 Memory corruption in modem due to buffer overflow while processing a PPP packet
8.8
Haute
CVE-2022-25705 2023-03-07 04h43 +00:00 Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
7.8
Haute
CVE-2022-25694 2023-03-07 04h43 +00:00 Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
8.4
Haute
CVE-2022-22075 2023-03-07 04h43 +00:00 Information Disclosure in Graphics during GPU context switch.
6.2
Moyen
CVE-2022-33248 2023-02-09 06h58 +00:00 Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
7.8
Haute
CVE-2022-33233 2023-02-09 06h58 +00:00 Memory corruption due to configuration weakness in modem wile sending command to write protected files.
7.8
Haute
CVE-2022-33266 2023-01-06 05h02 +00:00 Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
7.8
Haute
CVE-2022-33255 2023-01-06 05h02 +00:00 Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.
8.2
Haute
CVE-2022-22088 2023-01-06 04h42 +00:00 Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
9.8
Critique
CVE-2022-22079 2023-01-06 04h42 +00:00 Denial of service while processing fastboot flash command on mmc due to buffer over read
4.6
Moyen
CVE-2022-25682 2022-12-12 23h00 +00:00 Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2022-25685 2022-12-12 23h00 +00:00 Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
7.5
Haute
CVE-2022-25695 2022-12-12 23h00 +00:00 Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2022-25702 2022-12-12 23h00 +00:00 Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
7.5
Haute
CVE-2022-25724 2022-11-14 23h00 +00:00 Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2022-25743 2022-11-14 23h00 +00:00 Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2022-25687 2022-10-18 22h00 +00:00 memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2022-25718 2022-10-18 22h00 +00:00 Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2022-25719 2022-10-18 22h00 +00:00 Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.1
Critique
CVE-2022-25720 2022-10-18 22h00 +00:00 Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2022-25664 2022-10-11 22h00 +00:00 Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
6.2
Moyen
CVE-2022-22062 2022-09-02 09h31 +00:00 An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.1
Critique
CVE-2021-35072 2022-06-14 07h50 +00:00 Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2021-35083 2022-06-14 07h40 +00:00 Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2021-30284 2021-11-12 05h16 +00:00 Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2021-30255 2021-11-12 05h15 +00:00 Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2021-30254 2021-11-12 05h15 +00:00 Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2021-1975 2021-11-12 05h15 +00:00 Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2021-1973 2021-11-12 05h15 +00:00 A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2021-1924 2021-11-12 05h15 +00:00 Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9
Critique
CVE-2021-1959 2021-10-20 04h31 +00:00 Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2021-30261 2021-09-17 05h05 +00:00 Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2021-1935 2021-09-09 05h35 +00:00 Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
7.1
Haute
CVE-2021-1909 2021-09-09 05h35 +00:00 Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
7.8
Haute
CVE-2021-1920 2021-09-08 09h25 +00:00 Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2021-1919 2021-09-08 09h25 +00:00 Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2021-1916 2021-09-08 09h25 +00:00 Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2021-1914 2021-09-08 09h25 +00:00 Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
7.5
Haute
CVE-2020-11304 2021-06-09 04h20 +00:00 Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
7.8
Haute
CVE-2020-11292 2021-06-09 04h20 +00:00 Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.8
Haute
CVE-2020-11289 2021-05-07 07h10 +00:00 Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
7.8
Haute
CVE-2020-11285 2021-05-07 07h10 +00:00 Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11279 2021-05-07 07h10 +00:00 Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2020-11268 2021-05-07 07h10 +00:00 Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
7.5
Haute
CVE-2020-11255 2021-04-07 05h55 +00:00 Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
7.5
Haute
CVE-2020-11251 2021-04-07 05h55 +00:00 Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11234 2021-04-07 05h55 +00:00 When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.4
Haute
CVE-2020-11191 2021-04-07 05h55 +00:00 Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.1
Critique
CVE-2020-11227 2021-03-17 05h00 +00:00 Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2020-11226 2021-03-17 05h00 +00:00 Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.5
Haute
CVE-2020-11221 2021-03-17 05h00 +00:00 Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
5.5
Moyen
CVE-2020-11192 2021-03-17 05h00 +00:00 Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.8
Critique
CVE-2020-11199 2021-03-17 05h00 +00:00 HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
5.5
Moyen
CVE-2020-11190 2021-03-17 05h00 +00:00 Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11189 2021-03-17 05h00 +00:00 Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11188 2021-03-17 05h00 +00:00 Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11171 2021-03-17 05h00 +00:00 Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11166 2021-03-17 05h00 +00:00 Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11269 2021-02-22 05h25 +00:00 Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
8.8
Haute
CVE-2020-11204 2021-02-22 05h25 +00:00 Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
7.8
Haute
CVE-2020-11195 2021-02-22 05h25 +00:00 Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
7.8
Haute
CVE-2020-11177 2021-02-22 05h25 +00:00 User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.8
Haute
CVE-2020-11170 2021-02-22 05h25 +00:00 Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-3691 2021-01-21 08h41 +00:00 Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-3686 2021-01-21 08h41 +00:00 Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-3685 2021-01-21 08h41 +00:00 Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
7.5
Haute
CVE-2020-11213 2021-01-21 08h41 +00:00 Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-11212 2021-01-21 08h41 +00:00 Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-11145 2021-01-21 08h41 +00:00 Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
7.5
Haute
CVE-2020-11144 2021-01-21 08h41 +00:00 Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
9.1
Critique
CVE-2020-11143 2021-01-21 08h41 +00:00 Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-11137 2021-01-21 08h41 +00:00 Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-11138 2021-01-21 08h41 +00:00 Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-11136 2021-01-21 08h41 +00:00 Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
9.8
Critique
CVE-2020-3639 2020-11-12 09h00 +00:00 u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA415M, SA6145P, SA6150P, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8350, SM8350P, SXR1120, SXR1130
9.8
Critique
CVE-2020-11132 2020-11-12 09h00 +00:00 u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
7.1
Haute
CVE-2020-11123 2020-11-12 09h00 +00:00 u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
5.5
Moyen