CVSS: 7.8EPSS: 0%CPEs: 193EXPL: 0CVE-2020-11217
https://notcve.org/view.php?id=CVE-2020-11217
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Una posible doble liberación o un acceso a la memoria no válido en el controlador de audio mientras se leen los parámetros de Speaker Protection en los productos Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-415: Double Free •
CVSS: 10.0EPSS: 0%CPEs: 405EXPL: 0CVE-2020-11225
https://notcve.org/view.php?id=CVE-2020-11225
Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un acceso fuera del límite en el controlador WLAN debido a una falta de comprobación de longitud de la matriz antes de copiar en la matriz en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 369EXPL: 0CVE-2020-11216
https://notcve.org/view.php?id=CVE-2020-11216
Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una lectura excesiva del búfer puede ocurrir en el controlador de video cuando se reproduce un clip con un tamaño de átomo que tiene el valor UINT32_MAX en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 384EXPL: 0CVE-2020-11215
https://notcve.org/view.php?id=CVE-2020-11215
An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una lectura fuera de límites puede ocurrir al procesar el atributo VSA debido a una comprobación inapropiada de la longitud mínima requerida en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 349EXPL: 0CVE-2020-11214
https://notcve.org/view.php?id=CVE-2020-11214
Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una lectura excesiva del búfer mientras se procesa el atributo NDL si la longitud del atributo es mayor de lo esperado y luego FW lo está tratando como un mayor número de horarios inmutables en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-125: Out-of-bounds Read •