sm8250 firmware · threatengine.sh

Home/Product/qualcomm sm8250 firmware

Product

qualcomm sm8250 firmware

252 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption in Audio while running invalid audio recording from ADSP.

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Transient DOS in Data modem while handling TLB control messages from the Network.

Transient DOS in Modem after RRC Setup message is received.

Memory corruption while sending SMS from AP firmware.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Memory corruption in Audio while processing the VOC packet data from ADSP.

Memory Corruption in Audio while invoking callback function in driver from ADSP.

Transient DOS in WLAN Firmware while parsing no-inherit IES.

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

Transient DOS in WLAN Firmware while parsing rsn ies.

Transient DOS in WLAN Firmware while parsing a NAN management frame.

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

Transient DOS while parsing WLAN beacon or probe-response frame.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Memoru corruption in Audio when ADSP sends input during record use case.

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Information disclosure in Kernel due to indirect branch misprediction.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

Memory corruption in Linux while sending DRM request.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

Memory corruption in Linux android due to double free while calling unregister provider after register call.

information disclosure due to cryptographic issue in Core during RPMB read request.

Assertion occurs while processing Reconfiguration message due to improper validation

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

Memory corruption in Graphics while importing a file.

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not suppor

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a s

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

Memory corruption due to use after free in Modem while modem initialization.

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection

Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

Memory corruption due to double free in core while initializing the encryption key.

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile,

u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mob

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Com

Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdrago

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdrago

u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon A

u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Aut

u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due

u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range'

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, S

u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdra

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validati

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at get

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon

u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead per

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Aut

u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, S

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applie

u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to valida

u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered

u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in S

u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access cont

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto,

u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon

u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' i

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Sna

u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address i

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compu

Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices i

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapd

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to mem

u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.'

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdra

u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Co

u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdrago

u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Co

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Com

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state

u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Aut

u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer

u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated fo

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size res

u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport ca

u'Possible out of bound access while copying the mask file content into the buffer without checking the buffer size' in Snapdragon

u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdrag

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback,

u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon

u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapd

u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in S

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list wh

u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which c

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned af

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon C

u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute,

u'When a new session is created, Object is returned that contains TZ addresses and it get passed to HLOS as an handle to refer to

u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information

u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into mem

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to mem

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than

u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon

u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Comput

u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdra

u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of

u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Au

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies t

u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapd

Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with n

Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Sn

Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto

Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdr

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Sna

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto,

When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already fre

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto,

Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto,

Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Com

Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack o

Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdrago

Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdrago

Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Com

Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Co

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdra

System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Sna

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute,

Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon A

Payload size is not validated before reading memory that may cause issue of accessing invalid pointer or some garbage data in Snap

kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute,

Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto,

Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or n

Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snap

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snap

kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130

Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon A

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode

Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdrag

Out of bound read in fingerprint application due to requested data assigned to a local buffer without length check in Snapdrago

Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snap

Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compu

Memory failure in SKB if it fails to add the requested padding to the skb in low memory targets or targets with major memory fr

Null pointer dereference issue in radio interface layer due to lack of null check in sapmodule destructor in Snapdragon Auto, Snap

Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdra

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type cop

Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data rec

Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace i

Use after free issue when MAP and UNMAP calls at same time as data structure used my MAP may be freed by UNMAP function in Snapdra

Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow

When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Aut

Target specific data is being sent to remote server and leads to information exposure in Snapdragon Auto, Snapdragon Compute, Snap

Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snap

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in S

Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free an

Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdrago

Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Au

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer I

Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto,

The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of b

Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, S

Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon C

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Com

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be cor

Possibility of heap-buffer-overflow during last iteration of loop while populating image version information in diag command respo

Null pointer dereference can happen when parsing udta atom which is non-standard and having invalid depth in Snapdragon Auto, Snap

Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of s

Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdrago

Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Co

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size requi

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Aut

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer acc

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating messag

APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, S

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing command

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapd

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon M

String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL

Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdrag

Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdrago

While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read in

The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map

Possible null pointer dereference issue in location assistance data processing due to missing null check on resources before using

Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdrago

Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdr

Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snap

Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Sna

Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use a

Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Sna

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consum

NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after f

Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon C

Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon

While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DS

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Sna

Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of m

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapd

Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapd

Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length c

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set t

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Sn

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapd

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential s

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Comp

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the ma

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdr

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corrup

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consum

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdra

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Cons

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated dur

While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdr

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon A

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdrag

If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack bu

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length i

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin