Qualcomm QCN7606

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.

Published: 2025-11-04T03:19:26.256Z
Updated: 2025-11-04T19:00:52.629Z

Transient DOS while parsing the EPTM test control message to get the test pattern.

Published: 2025-09-24T15:33:51.163Z
Updated: 2025-09-24T17:28:16.793Z

Transient DOS while processing an ANQP message.

Published: 2025-08-06T07:26:03.160Z
Updated: 2025-08-06T13:36:36.865Z

Memory corruption while processing a malformed license file during reboot.

Published: 2025-10-09T03:18:03.164Z
Updated: 2026-02-26T17:48:07.760Z

Memory corruption during PlayReady APP usecase while processing TA commands.

Published: 2025-10-09T03:18:00.779Z
Updated: 2026-02-26T17:48:08.266Z

Memory corruption while performing private key encryption in trusted application.

Published: 2025-09-24T15:33:27.834Z
Updated: 2026-02-26T17:48:14.912Z

Information disclosure while processing the hash segment in an MBN file.

Published: 2025-08-06T07:25:55.226Z
Updated: 2025-08-06T19:26:20.064Z

Information disclosure while reading data from an image using specified offset and size parameters.

Published: 2025-08-06T07:25:53.752Z
Updated: 2025-08-06T19:25:57.162Z

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.

Published: 2025-04-07T10:16:07.416Z
Updated: 2026-02-26T18:28:48.803Z

Memory corruption while IOCTL call is invoked from user-space to read board data.

Published: 2025-04-07T10:16:06.109Z
Updated: 2026-02-26T18:28:49.300Z

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Published: 2025-07-08T12:48:52.630Z
Updated: 2025-07-08T16:10:56.037Z

Memory corruption while retrieving the CBOR data from TA.

Published: 2025-07-08T12:48:50.667Z
Updated: 2026-02-26T18:27:48.873Z

Memory corruption while reading secure file.

Published: 2025-05-06T08:32:17.432Z
Updated: 2026-02-26T18:28:57.237Z

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.

Published: 2025-04-07T10:15:44.780Z
Updated: 2025-04-07T16:49:45.365Z

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Published: 2025-01-06T10:33:24.141Z
Updated: 2025-01-06T14:18:35.300Z

Memory corruption when IOCTL call is invoked from user-space to read board data.

Published: 2025-01-06T10:33:22.981Z
Updated: 2025-01-06T14:18:35.413Z

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

Published: 2024-12-02T10:18:51.326Z
Updated: 2024-12-03T04:55:39.595Z

There may be information disclosure during memory re-allocation in TZ Secure OS.

Published: 2025-04-07T10:15:31.869Z
Updated: 2025-04-07T16:02:40.607Z

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

Published: 2024-11-04T10:04:50.376Z
Updated: 2024-11-04T14:56:33.847Z

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

Published: 2024-09-02T10:22:41.891Z
Updated: 2024-09-03T13:33:06.777Z

memory corruption when an invalid firehose patch command is invoked.

Published: 2024-09-02T10:22:32.425Z
Updated: 2024-09-03T14:02:35.440Z

Cryptographic issue while parsing RSA keys in COBR format.

Published: 2024-09-02T10:22:29.332Z
Updated: 2024-09-05T03:56:03.375Z

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

Published: 2024-08-05T14:21:25.013Z
Updated: 2024-08-05T15:17:20.073Z

Memory corruption during session sign renewal request calls in HLOS.

Published: 2024-08-05T14:21:23.701Z
Updated: 2024-08-15T03:55:43.129Z

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

Published: 2024-07-01T14:17:15.436Z
Updated: 2024-08-01T22:20:40.597Z

Memory corruption while processing key blob passed by the user.

Published: 2024-07-01T14:17:12.663Z
Updated: 2024-08-01T22:20:40.847Z

Transient DOS while loading the TA ELF file.

Published: 2024-07-01T14:17:11.022Z
Updated: 2024-08-01T22:20:40.868Z

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

Published: 2024-07-01T14:17:09.366Z
Updated: 2024-08-01T22:20:40.630Z

Memory corruption while parsing qcp clip with invalid chunk data size.

Published: 2024-03-04T10:48:53.494Z
Updated: 2024-08-02T19:44:43.762Z

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

Published: 2024-06-03T10:05:15.885Z
Updated: 2024-08-13T20:04:11.714Z

Transient DOS while parse fils IE with length equal to 1.

Published: 2024-02-06T05:47:33.289Z
Updated: 2024-08-02T19:44:43.827Z

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

Published: 2024-02-06T05:47:21.253Z
Updated: 2024-08-02T19:44:42.886Z

Memory corruption in video while parsing invalid mp2 clip.

Published: 2024-02-06T05:47:19.935Z
Updated: 2024-08-02T19:44:42.706Z

Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer.

Published: 2024-01-02T05:38:55.097Z
Updated: 2024-08-02T19:44:43.288Z

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

Published: 2024-01-02T05:38:53.528Z
Updated: 2025-06-16T19:53:38.503Z

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

Published: 2024-01-02T05:38:41.562Z
Updated: 2025-06-16T18:35:57.084Z

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

Published: 2023-12-05T03:04:26.582Z
Updated: 2024-08-02T15:32:46.683Z

Memory corruption when processing cmd parameters while parsing vdev.

Published: 2023-12-05T03:04:21.594Z
Updated: 2024-08-02T15:32:46.624Z

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Published: 2023-12-05T03:04:15.707Z
Updated: 2024-10-10T19:36:42.225Z

Memory corruption in Core while processing control functions.

Published: 2024-02-06T05:47:11.221Z
Updated: 2025-05-15T19:45:11.041Z

Transient DOS in WLAN Firmware while parsing a BTM request.

Published: 2024-01-02T05:38:36.201Z
Updated: 2025-06-17T20:19:53.666Z

Memory corruption in HLOS while running playready use-case.

Published: 2024-01-02T05:38:26.512Z
Updated: 2025-06-03T14:46:27.869Z

Transient DOS in WLAN Firmware while parsing rsn ies.

Published: 2023-10-03T05:00:40.127Z
Updated: 2024-08-02T15:32:46.565Z

Memory corruption while processing finish_sign command to pass a rsp buffer.

Published: 2024-04-01T15:05:51.287Z
Updated: 2024-08-02T15:32:46.521Z

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Published: 2023-12-05T03:04:02.255Z
Updated: 2025-05-29T13:32:24.041Z

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Published: 2023-12-05T03:03:59.402Z
Updated: 2024-08-02T15:32:46.510Z

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Published: 2023-09-05T06:24:29.035Z
Updated: 2024-08-02T15:32:46.747Z

Transient DOS in Bluetooth Host while rfc slot allocation.

Published: 2023-12-05T03:03:58.097Z
Updated: 2024-08-02T13:43:23.180Z

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

Published: 2023-12-05T03:03:56.759Z
Updated: 2024-08-02T13:43:23.596Z

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

Published: 2023-12-05T03:03:55.223Z
Updated: 2024-12-02T17:11:28.311Z

Memory corruption while loading an ELF segment in TEE Kernel.

Published: 2023-12-05T03:03:53.662Z
Updated: 2026-02-25T16:51:08.675Z

Information disclosure in WLAN HAL while handling command through WMI interfaces.

Published: 2023-11-07T05:26:42.279Z
Updated: 2024-08-02T13:43:22.620Z

Memory corruption in WLAN HAL while handling command through WMI interfaces.

Published: 2023-09-05T06:24:23.598Z
Updated: 2025-02-27T21:01:29.633Z

Information disclosure in WLAN HAL while handling the WMI state info command.

Published: 2023-11-07T05:26:38.950Z
Updated: 2024-08-02T13:43:22.544Z

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Published: 2023-09-05T06:24:21.806Z
Updated: 2025-02-27T21:01:35.661Z

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

Published: 2023-09-05T06:24:20.269Z
Updated: 2025-02-27T21:01:43.864Z

Information disclosure in IOE Firmware while handling WMI command.

Published: 2023-11-07T05:26:37.887Z
Updated: 2024-08-02T13:43:23.473Z

Memory corruption while handling payloads from remote ESL.

Published: 2023-09-05T06:24:18.576Z
Updated: 2025-02-27T21:01:53.556Z

Memory corruption in QESL while processing payload from external ESL device to firmware.

Published: 2023-08-08T09:15:03.741Z
Updated: 2024-08-02T13:43:23.590Z

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Published: 2023-09-05T06:24:17.160Z
Updated: 2025-02-27T21:02:03.721Z

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

Published: 2023-09-05T06:24:15.784Z
Updated: 2025-02-27T21:02:10.588Z

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

Published: 2023-09-05T06:24:14.024Z
Updated: 2024-08-02T13:43:23.150Z

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

Published: 2023-09-05T06:24:12.673Z
Updated: 2024-08-02T13:43:23.051Z

Cryptographic issue in HLOS during key management.

Published: 2023-11-07T05:26:36.631Z
Updated: 2024-08-02T13:43:22.844Z

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

Published: 2023-12-05T03:03:48.538Z
Updated: 2024-08-02T13:43:22.782Z

Memory corruption in SPS Application while requesting for public key in sorter TA.

Published: 2024-04-01T15:05:49.478Z
Updated: 2024-08-02T13:43:22.683Z

Memory Corruption in SPS Application while exporting public key in sorter TA.

Published: 2023-12-05T03:03:46.993Z
Updated: 2026-02-25T16:51:09.392Z

Memory corruption in TZ Secure OS while loading an app ELF.

Published: 2023-11-07T05:26:32.849Z
Updated: 2024-08-02T13:43:22.294Z

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

Published: 2023-09-05T06:24:08.152Z
Updated: 2025-02-27T21:02:34.781Z

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

Published: 2023-07-04T04:46:44.316Z
Updated: 2024-08-02T13:43:23.078Z

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

Published: 2023-09-05T06:24:05.510Z
Updated: 2025-02-27T21:02:40.815Z

Memory Corruption in Core due to secure memory access by user while loading modem image.

Published: 2023-11-07T05:26:31.358Z
Updated: 2024-08-02T11:03:19.294Z

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

Published: 2023-10-03T05:00:31.983Z
Updated: 2025-02-27T20:48:09.352Z

Transient DOS in Modem while allocating DSM items.

Published: 2023-10-03T05:00:27.519Z
Updated: 2024-08-02T11:03:19.321Z

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

Published: 2023-08-08T09:14:59.131Z
Updated: 2024-10-11T17:49:22.790Z

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Published: 2023-08-08T09:14:58.131Z
Updated: 2024-10-22T21:05:05.459Z

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Published: 2023-06-06T07:39:07.103Z
Updated: 2024-08-02T09:44:01.610Z

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

Published: 2023-08-08T09:14:50.487Z
Updated: 2024-10-24T18:59:08.395Z

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

Published: 2023-03-07T04:43:54.084Z
Updated: 2024-08-03T12:21:46.193Z

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Published: 2023-04-04T04:46:55.076Z
Updated: 2024-08-03T12:21:46.326Z

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Published: 2023-03-07T04:43:50.477Z
Updated: 2024-08-03T12:21:46.067Z

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Published: 2023-03-07T04:43:48.352Z
Updated: 2024-08-03T12:21:46.449Z

Information disclosure in Kernel due to indirect branch misprediction.

Published: 2023-06-06T07:38:57.528Z
Updated: 2024-08-03T12:21:45.915Z

Information disclosure due to buffer overread in Core

Published: 2023-01-06T05:02:39.601Z
Updated: 2025-04-09T14:38:16.819Z

Information disclosure due to buffer overread in Core

Published: 2023-01-06T05:02:38.300Z
Updated: 2025-04-09T14:48:06.432Z

Memory corruption in core due to stack-based buffer overflow

Published: 2023-01-06T05:02:37.025Z
Updated: 2025-04-09T14:49:40.938Z

Memory corruption in Core due to stack-based buffer overflow.

Published: 2023-01-06T05:02:35.679Z
Updated: 2025-04-09T14:50:56.768Z

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

Published: 2023-03-07T04:43:44.556Z
Updated: 2024-08-03T12:21:45.815Z

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Published: 2023-02-09T06:58:51.576Z
Updated: 2024-08-03T12:21:46.219Z

Memory corruption due to double free in Core while mapping HLOS address to the list.

Published: 2023-06-06T07:38:52.586Z
Updated: 2025-01-07T19:33:51.689Z

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

Published: 2023-04-04T04:46:53.479Z
Updated: 2024-08-03T12:21:45.922Z

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

Published: 2023-01-06T05:02:30.303Z
Updated: 2025-04-09T14:57:22.026Z

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

Published: 2023-01-06T05:02:28.591Z
Updated: 2025-04-09T15:00:21.443Z

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

Published: 2023-03-07T04:43:40.561Z
Updated: 2024-08-03T08:01:20.527Z

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Published: 2023-02-09T06:58:41.756Z
Updated: 2024-08-03T08:01:20.528Z

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

Published: 2023-02-09T06:58:40.259Z
Updated: 2024-08-03T08:01:20.493Z

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Published: 2023-03-07T04:43:34.866Z
Updated: 2024-08-03T08:01:20.420Z

Memory corruption in WLAN due to use after free

Published: 2023-03-07T04:43:28.096Z
Updated: 2024-08-03T08:01:20.518Z

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-11-15T00:00:00.000Z
Updated: 2025-04-22T15:48:59.953Z

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-12-13T00:00:00.000Z
Updated: 2025-04-22T13:50:17.708Z

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-11-15T00:00:00.000Z
Updated: 2025-04-22T15:49:08.644Z

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-12-13T00:00:00.000Z
Updated: 2025-04-22T15:44:28.488Z

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: 2022-11-15T00:00:00.000Z
Updated: 2025-04-22T15:49:24.862Z

Memory corruption due to double free in core while initializing the encryption key.

Published: 2023-04-04T04:46:29.234Z
Updated: 2024-08-03T08:01:20.424Z

Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: 2022-10-17T00:00:00.000Z
Updated: 2025-05-14T14:29:50.609Z

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-10-19T00:00:00.000Z
Updated: 2025-04-22T15:51:26.911Z

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-10-19T00:00:00.000Z
Updated: 2025-04-22T15:51:34.419Z

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-10-19T00:00:00.000Z
Updated: 2025-05-09T14:34:56.898Z

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-10-19T00:00:00.000Z
Updated: 2025-05-09T14:36:02.779Z

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2022-09-16T05:25:57.000Z
Updated: 2024-08-03T04:42:50.784Z

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-10-19T00:00:00.000Z
Updated: 2025-05-09T14:49:11.184Z

Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: 2022-11-15T00:00:00.000Z
Updated: 2025-04-22T15:50:35.689Z

Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: 2022-11-15T00:00:00.000Z
Updated: 2025-04-22T15:50:47.163Z

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

Published: 2023-01-06T04:42:10.711Z
Updated: 2025-04-09T19:58:36.726Z

information disclosure due to cryptographic issue in Core during RPMB read request.

Published: 2023-06-06T07:38:33.401Z
Updated: 2024-08-03T03:00:55.353Z

Information Disclosure in Graphics during GPU context switch.

Published: 2023-03-07T04:43:13.349Z
Updated: 2024-08-03T03:00:55.225Z

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-06-14T09:51:12.000Z
Updated: 2024-08-03T03:00:55.333Z

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-06-14T09:51:11.000Z
Updated: 2024-08-03T03:00:55.367Z

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-09-02T11:31:05.000Z
Updated: 2024-08-03T03:00:55.211Z

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-09-26T16:35:09.000Z
Updated: 2025-05-21T15:13:53.906Z

Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2022-06-14T09:50:54.000Z
Updated: 2024-08-04T00:33:51.079Z

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2022-06-14T09:40:35.000Z
Updated: 2024-08-04T00:33:50.937Z

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2022-06-14T10:11:15.000Z
Updated: 2024-08-04T00:33:50.565Z

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2022-01-03T07:26:12.000Z
Updated: 2024-08-03T22:32:41.122Z

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music

Published: 2022-06-14T10:10:50.000Z
Updated: 2024-08-03T22:32:40.865Z

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2022-02-11T10:40:21.000Z
Updated: 2024-08-03T22:32:40.904Z

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2022-01-03T07:26:06.000Z
Updated: 2024-08-03T22:32:40.453Z

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-10-20T06:31:38.000Z
Updated: 2024-08-03T22:32:39.957Z

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-01-03T07:25:48.000Z
Updated: 2024-08-03T22:24:59.599Z

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2022-01-03T07:25:46.000Z
Updated: 2024-08-03T22:24:59.646Z

Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2022-01-03T07:25:44.000Z
Updated: 2024-08-03T22:24:59.679Z

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-09-17T07:05:25.000Z
Updated: 2024-08-03T22:24:59.594Z

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-09-09T07:35:59.000Z
Updated: 2024-08-03T16:25:06.534Z

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2021-09-09T07:35:54.000Z
Updated: 2024-08-03T16:25:06.355Z

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-07-13T05:31:00.000Z
Updated: 2024-08-03T16:25:06.259Z

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-07-13T05:30:54.000Z
Updated: 2024-08-03T16:25:06.420Z

Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-05-07T09:10:42.000Z
Updated: 2024-08-03T16:25:06.173Z

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-05-07T09:10:42.000Z
Updated: 2024-08-03T16:25:06.195Z

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2021-09-09T07:35:41.000Z
Updated: 2024-08-03T16:25:06.203Z

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-11-12T06:15:37.000Z
Updated: 2024-08-03T16:25:06.371Z

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Published: 2021-04-07T07:55:36.000Z
Updated: 2024-08-03T16:25:06.439Z

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2021-09-08T11:25:31.000Z
Updated: 2024-08-04T11:28:13.862Z

Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: 2021-02-22T06:26:07.000Z
Updated: 2024-08-04T11:28:13.877Z

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:06.000Z
Updated: 2024-08-04T11:28:13.857Z

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:06.000Z
Updated: 2024-08-04T11:28:13.836Z

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:03.000Z
Updated: 2024-08-04T11:28:13.781Z

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:03.000Z
Updated: 2024-08-04T11:28:13.809Z

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:02.000Z
Updated: 2024-08-04T11:28:13.796Z

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:01.000Z
Updated: 2024-08-04T11:28:13.815Z

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:26:00.000Z
Updated: 2024-08-04T11:28:13.848Z

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2021-02-22T06:25:59.000Z
Updated: 2024-08-04T11:28:13.859Z

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:25:58.000Z
Updated: 2024-08-04T11:28:13.840Z

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2021-02-22T06:25:57.000Z
Updated: 2024-08-04T11:28:13.880Z

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:44.000Z
Updated: 2024-08-04T11:28:13.847Z

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:42.000Z
Updated: 2024-08-04T11:28:13.795Z

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:41.000Z
Updated: 2024-08-04T11:28:13.379Z

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: 2021-04-07T07:55:29.000Z
Updated: 2024-08-04T11:28:13.531Z

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:28.000Z
Updated: 2024-08-04T11:28:13.852Z

An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:26.000Z
Updated: 2024-08-04T11:28:13.759Z

Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:26.000Z
Updated: 2024-08-04T11:28:13.404Z

Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:25.000Z
Updated: 2024-08-04T11:28:13.428Z

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:24.000Z
Updated: 2024-08-04T11:28:13.406Z

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:22.000Z
Updated: 2024-08-04T11:28:13.403Z

u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55

Published: 2020-11-02T06:21:25.000Z
Updated: 2024-08-04T11:28:13.197Z

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:36.000Z
Updated: 2024-08-04T11:28:12.378Z

u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55

Published: 2020-11-02T06:21:23.000Z
Updated: 2024-08-04T11:28:12.529Z

u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55

Published: 2020-11-02T06:21:22.000Z
Updated: 2024-08-04T11:28:12.474Z

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:36.000Z
Updated: 2024-08-04T11:21:14.790Z

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-06-09T05:00:35.000Z
Updated: 2024-08-04T11:21:14.624Z

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published: 2021-01-21T09:41:10.000Z
Updated: 2024-08-04T11:21:14.640Z

Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

Published: 2020-07-30T11:40:27.000Z
Updated: 2024-08-05T00:05:44.332Z

u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6574AU, QCA8081, QCM2150, QCN7605, QCN7606, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Published: 2020-09-08T09:31:25.000Z
Updated: 2024-08-04T22:24:18.630Z