CVE-2020-11262

all versions

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use aft

7.0HIGH

CVE-2020-11261

all versions

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdra

7.8HIGH

CVE-2020-11260

all versions

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon M

8.4HIGH

CVE-2020-11250

all versions

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdrago

7.0HIGH

CVE-2020-11240

all versions

Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for t

7.8HIGH

CVE-2020-11239

all versions

Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up proper

7.8HIGH

CVE-2020-11235

all versions

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

7.8HIGH

CVE-2020-11161

all versions

Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Sn

7.1HIGH

CVE-2021-1927

all versions

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Com

8.4HIGH

CVE-2021-1915

all versions

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute,

7.8HIGH

CVE-2021-1910

all versions

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna

7.3HIGH

CVE-2021-1906

all versions

Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdra

6.2MEDIUM

CVE-2021-1895

all versions

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial I

6.8MEDIUM

CVE-2021-1891

all versions

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdra

8.4HIGH

CVE-2020-11247

all versions

Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdrago

8.2HIGH

CVE-2020-11246

all versions

A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Comp

8.4HIGH

CVE-2020-11231

all versions

Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lea

6.7MEDIUM

CVE-2020-11309

all versions

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon

7.8HIGH

CVE-2020-11308

all versions

Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdrago

6.8MEDIUM

CVE-2020-11299

all versions

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti

9.8CRITICAL

CVE-2020-11290

all versions

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snap

7.0HIGH

CVE-2020-11230

all versions

Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physica

6.4MEDIUM

CVE-2020-11297

all versions

Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto,

7.5HIGH

CVE-2020-11277

all versions

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async sessi

7.4HIGH

CVE-2020-11272

all versions

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version

9.8CRITICAL

CVE-2020-11271

all versions

Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapd

7.8HIGH

CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2020-11223

all versions

Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snap

7.8HIGH

CVE-2020-11204

all versions

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par

7.8HIGH

CVE-2020-11170

all versions

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

9.8CRITICAL

CVE-2020-11147

all versions

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in

6.7MEDIUM