71 results (0.004 seconds)

CVSS: 7.0EPSS: 0%CPEs: 778EXPL: 0

CVE-2020-11262

https://notcve.org/view.php?id=CVE-2020-11262

09 Jun 2021 — A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una carrera entre el envío de comandos y la destrucción del contexto puede causar que se agregue un contexto no válido a la lista de pistas para su uso después de la publicación libera... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 798EXPL: 0

CVE-2020-11261 – Qualcomm Multiple Chipsets Improper Input Validation Vulnerability

https://notcve.org/view.php?id=CVE-2020-11261

09 Jun 2021 — Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria debido a una comprobación inapropiada para devolver el error cuando la aplicación del usuario pida una asignación de memoria de un tamaño enorme en los productos Snapdragon Auto, S... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-20: Improper Input Validation •

CVSS: 7.0EPSS: 0%CPEs: 720EXPL: 0

CVE-2020-11250

https://notcve.org/view.php?id=CVE-2020-11250

09 Jun 2021 — Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un uso de la memoria previamente liberada debido a una condición de carrera mientras vuelve a abrir el controlador del dispositivo repetidamente en los productos Snapdragon Auto, Snapdragon Compute, S... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 852EXPL: 0

CVE-2020-11241

https://notcve.org/view.php?id=CVE-2020-11241

09 Jun 2021 — Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una lectura fuera de límites ocurrirá si la longitud de la clave EAPOL es menor de lo esperado mientras se procesa e... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0

CVE-2020-11240

https://notcve.org/view.php?id=CVE-2020-11240

09 Jun 2021 — Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria debido al tamaño del comando ioctl se estableció inapropiadamente en el tamaño de un puntero y no se asignó suficiente almacenamiento para la... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 7.8EPSS: 0%CPEs: 812EXPL: 1

CVE-2020-11239 – Qualcomm kgsl Driver Use-After-Free

https://notcve.org/view.php?id=CVE-2020-11239

09 Jun 2021 — Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un uso de la memoria previamente liberada al importar un búfer DMA usando la dirección de CPU del búfer debido a que el archivo adjunto no se limpia correctamente en los productos Snapdragon Auto,... • https://packetstorm.news/files/id/172839 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 804EXPL: 0

CVE-2020-11238

https://notcve.org/view.php?id=CVE-2020-11238

09 Jun 2021 — Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible sobrelectura del búfer en el análisis ARP/NS debido a una falta de comprobación de la longitud del paquete recibido en los productos Snapdragon Auto, Snap... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1076EXPL: 0

CVE-2020-11235

https://notcve.org/view.php?id=CVE-2020-11235

09 Jun 2021 — Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un desbordamiento del búfer puede ocurrir cuando se analiza un comando unificado debido a una falta de comprobación de los datos de entrada... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 574EXPL: 0

CVE-2020-11178

https://notcve.org/view.php?id=CVE-2020-11178

09 Jun 2021 — Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking APPS confiable para sobrescribir la memoria CPZ de otro caso de uso, ya que TZ solo comprueba que la dirección física no se superponga con su memoria y ... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-20: Improper Input Validation •

CVSS: 6.7EPSS: 0%CPEs: 290EXPL: 0

CVE-2020-11160

https://notcve.org/view.php?id=CVE-2020-11160

09 Jun 2021 — Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un problema de filtración de recursos durante el registro del cliente dci debido al reconteo de referencias no es reducido si el registro del cliente dci comete un fallo en los productos Snapdragon Auto, Snapdragon Compute, S... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-190: Integer Overflow or Wraparound •