sd8c firmware · threatengine.sh

Home/Product/qualcomm sd 8c firmware

Product

qualcomm sd 8c firmware

136 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdrag

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Conn

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon

Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snap

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe res

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Comput

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Sn

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information e

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information e

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdrago

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi

Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either pri

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapd

Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdrago

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Sn

Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snap

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Com

Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute,

Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdra

UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdr

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap

Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snap

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C

Integer underflow can occur when the RTCP length is lesser than the actual blocks present in Snapdragon Auto, Snapdragon Comp

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,

Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Comput

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Sna

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd

Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdrag

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Sna

Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Conn

Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Con

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapd

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapd

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdra

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Con

Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapd

Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdr

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdra

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap over

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use aft

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdra

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdrago

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Sn

Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for t

Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up proper

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute,

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snap

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memor

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of b

Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails i

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN rangin

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Com

Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compu

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute,

Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdra

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapd

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial I

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdra

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length rece

Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute,

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon

Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory regio

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectiv

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdra

Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and r

Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Au

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdr

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread r

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon

Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdrago

Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp

Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute,

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi

While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a sp

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdr

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snap

Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto,

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclos

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snap

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version

Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapd

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage o

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffe

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin