CVSS: 7.8EPSS: 0%CPEs: 812EXPL: 0CVE-2020-11239 – Qualcomm kgsl Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2020-11239
Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un uso de la memoria previamente liberada al importar un búfer DMA usando la dirección de CPU del búfer debido a que el archivo adjunto no se limpia correctamente en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 224EXPL: 0CVE-2020-11233
https://notcve.org/view.php?id=CVE-2020-11233
Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una condición de carrera de Time-of-check time-of-use mientras se procesaban las entradas de la partición debido al búfer recién diseñado, se volvió a leer desde mmc sin comprobación en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 748EXPL: 0CVE-2021-1910
https://notcve.org/view.php?id=CVE-2021-1910
Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una doble liberación en video debido a una falta de comprobación de la longitud del búfer de la entrada en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-415: Double Free •
CVSS: 8.4EPSS: 0%CPEs: 794EXPL: 0CVE-2021-1905 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-1905
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible uso de la memoria previamente liberada debido a un manejo inapropiado de la asignación de la memoria de múltiples procesos simultáneamente. en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously. • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-416: Use After Free •
CVSS: 9.4EPSS: 0%CPEs: 802EXPL: 0CVE-2020-11285
https://notcve.org/view.php?id=CVE-2020-11285
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una lectura excesiva del búfer mientras desempaquetamos el paquete RTCP, podemos leer un byte adicional si es proporcionada una longitud inapropiada en los paquetes RTCP en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-125: Out-of-bounds Read •