CVE-2020-11262

all versions

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use aft

7.0HIGH

CVE-2020-11261

all versions

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdra

7.8HIGH

CVE-2020-11250

all versions

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdrago

7.0HIGH

CVE-2020-11240

all versions

Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for t

7.8HIGH

CVE-2020-11239

all versions

Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up proper

7.8HIGH

CVE-2020-11233

all versions

Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc wi

7.0HIGH

CVE-2021-1927

all versions

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Com

8.4HIGH

CVE-2021-1905

all versions

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapd

8.4HIGH

CVE-2021-1895

all versions

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial I

6.8MEDIUM

CVE-2021-1891

all versions

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdra

8.4HIGH

CVE-2020-11285

all versions

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon

8.2HIGH

CVE-2020-11279

all versions

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

7.5HIGH

CVE-2020-11251

all versions

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

8.2HIGH

CVE-2020-11234

all versions

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread r

8.4HIGH

CVE-2020-11191

all versions

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

8.2HIGH

CVE-2020-11309

all versions

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon

7.8HIGH

CVE-2020-11290

all versions

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snap

7.0HIGH

CVE-2020-11227

all versions

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag

9.8CRITICAL

CVE-2020-11226

all versions

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp

7.5HIGH

CVE-2020-11221

all versions

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi

5.5MEDIUM

CVE-2020-11199

all versions

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in

5.5MEDIUM

CVE-2020-11192

all versions

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd

9.8CRITICAL

CVE-2020-11190

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11189

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11188

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11171

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11166

all versions

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

9.1CRITICAL

CVE-2020-11272

all versions

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version

9.8CRITICAL

CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2020-11177

all versions

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

8.8HIGH

CVE-2020-11170

all versions

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

9.8CRITICAL