CVE-2021-30284

all versions

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto

7.5HIGH

CVE-2021-30255

all versions

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd

7.8HIGH

CVE-2021-30254

all versions

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdra

7.8HIGH

CVE-2021-1975

all versions

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

9.8CRITICAL

CVE-2021-1973

all versions

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

7.8HIGH

CVE-2021-1924

all versions

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon

9.0CRITICAL

CVE-2021-1959

all versions

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi

7.8HIGH

CVE-2020-11303

all versions

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapd

8.6HIGH

CVE-2021-30261

all versions

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from

8.4HIGH

CVE-2021-30260

all versions

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist

8.4HIGH

CVE-2021-1909

all versions

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S

7.3HIGH

CVE-2021-1972

all versions

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap

9.8CRITICAL

CVE-2021-1920

all versions

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C

9.8CRITICAL

CVE-2021-1919

all versions

Integer underflow can occur when the RTCP length is lesser than the actual blocks present in Snapdragon Auto, Snapdragon Comp

9.8CRITICAL

CVE-2021-1916

all versions

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,

9.8CRITICAL

CVE-2021-1914

all versions

Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Comput

7.5HIGH

CVE-2021-1904

all versions

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Sna

6.2MEDIUM

CVE-2020-11301

all versions

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd

9.1CRITICAL

CVE-2021-1955

all versions

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon

7.5HIGH

CVE-2020-11292

all versions

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd

7.8HIGH

CVE-2020-11267

all versions

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdra

8.4HIGH

CVE-2020-11235

all versions

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

7.8HIGH

CVE-2020-11233

all versions

Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc wi

7.0HIGH

CVE-2020-11159

all versions

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po

9.1CRITICAL

CVE-2020-11285

all versions

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon

8.2HIGH

CVE-2020-11279

all versions

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

7.5HIGH

CVE-2020-11251

all versions

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

8.2HIGH

CVE-2020-11234

all versions

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread r

8.4HIGH

CVE-2020-11191

all versions

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

8.2HIGH

CVE-2020-11227

all versions

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag

9.8CRITICAL

CVE-2020-11226

all versions

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp

7.5HIGH

CVE-2020-11221

all versions

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi

5.5MEDIUM

CVE-2020-11199

all versions

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in

5.5MEDIUM

CVE-2020-11192

all versions

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd

9.8CRITICAL

CVE-2020-11190

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11189

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11188

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11171

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11166

all versions

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

9.1CRITICAL

CVE-2020-11296

all versions

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap

7.5HIGH

CVE-2020-11276

all versions

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation

9.1CRITICAL

CVE-2020-11275

all versions

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd

9.1CRITICAL

CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2020-11177

all versions

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

8.8HIGH

CVE-2020-11119

all versions

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra

7.5HIGH