CVE-2022-22084
https://notcve.org/view.php?id=CVE-2022-22084
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria cuando es extraído un archivo de audio qcp debido a una falta de comprobación de la longitud de los datos en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-787: Out-of-bounds Write •
CVE-2022-22083
https://notcve.org/view.php?id=CVE-2022-22083
Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una denegación de servicio debido a una corrupción de memoria mientras se extrae el encabezado de los clips en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-125: Out-of-bounds Read •
CVE-2022-22082
https://notcve.org/view.php?id=CVE-2022-22082
Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria debido a un posible desbordamiento del búfer mientras es analizado el encabezado DSF con un recuento de canales corrupto en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2021-35083
https://notcve.org/view.php?id=CVE-2021-35083
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible lectura fuera de límites debido a una comprobación inapropiada de la cadena de certificados en SSL o el intercambio de claves de Internet en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-125: Out-of-bounds Read •
CVE-2022-22057 – Qualcomm kgsl Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2022-22057
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Un uso de memoria previamente liberada en la valla de gráficos debido a una condición de carrera mientras es cerrado el descriptor de archivo de la valla y es destruida la línea de tiempo de gráficos simultáneamente en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • http://packetstormsecurity.com/files/172850/Qualcomm-kgsl-Driver-Use-After-Free.html https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •