CVE-2020-11238

all versions

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute,

7.5HIGH

CVE-2020-11235

all versions

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

7.8HIGH

CVE-2020-11159

all versions

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po

9.1CRITICAL

CVE-2021-1925

all versions

Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compu

7.5HIGH

CVE-2020-11293

all versions

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length rece

5.1MEDIUM

CVE-2020-11289

all versions

Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute,

7.8HIGH

CVE-2020-11285

all versions

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon

8.2HIGH

CVE-2020-11279

all versions

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

7.5HIGH

CVE-2021-1892

all versions

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdra

8.4HIGH

CVE-2020-11251

all versions

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

8.2HIGH

CVE-2020-11234

all versions

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread r

8.4HIGH

CVE-2020-11191

all versions

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

8.2HIGH

CVE-2020-11227

all versions

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag

9.8CRITICAL

CVE-2020-11226

all versions

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp

7.5HIGH

CVE-2020-11221

all versions

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi

5.5MEDIUM

CVE-2020-11199

all versions

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in

5.5MEDIUM

CVE-2020-11192

all versions

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd

9.8CRITICAL

CVE-2020-11190

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11189

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11188

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11171

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11166

all versions

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

9.1CRITICAL

CVE-2020-11296

all versions

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap

7.5HIGH

CVE-2020-11276

all versions

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation

9.1CRITICAL

CVE-2020-11275

all versions

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd

9.1CRITICAL

CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2020-11204

all versions

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par

7.8HIGH

CVE-2020-11195

all versions

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffe

7.8HIGH

CVE-2020-11177

all versions

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

8.8HIGH

CVE-2020-11170

all versions

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

9.8CRITICAL

CVE-2020-11119

all versions

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra

7.5HIGH