CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0CVE-2020-11240
https://notcve.org/view.php?id=CVE-2020-11240
09 Jun 2021 — Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria debido al tamaño del comando ioctl se estableció inapropiadamente en el tamaño de un puntero y no se asignó suficiente almacenamiento para la... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 812EXPL: 1CVE-2020-11239 – Qualcomm kgsl Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2020-11239
09 Jun 2021 — Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un uso de la memoria previamente liberada al importar un búfer DMA usando la dirección de CPU del búfer debido a que el archivo adjunto no se limpia correctamente en los productos Snapdragon Auto,... • https://packetstorm.news/files/id/172839 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 804EXPL: 0CVE-2020-11238
https://notcve.org/view.php?id=CVE-2020-11238
09 Jun 2021 — Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible sobrelectura del búfer en el análisis ARP/NS debido a una falta de comprobación de la longitud del paquete recibido en los productos Snapdragon Auto, Snap... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1076EXPL: 0CVE-2020-11235
https://notcve.org/view.php?id=CVE-2020-11235
09 Jun 2021 — Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un desbordamiento del búfer puede ocurrir cuando se analiza un comando unificado debido a una falta de comprobación de los datos de entrada... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 574EXPL: 0CVE-2020-11178
https://notcve.org/view.php?id=CVE-2020-11178
09 Jun 2021 — Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking APPS confiable para sobrescribir la memoria CPZ de otro caso de uso, ya que TZ solo comprueba que la dirección física no se superponga con su memoria y ... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 452EXPL: 0CVE-2020-11161
https://notcve.org/view.php?id=CVE-2020-11161
09 Jun 2021 — Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Un acceso a la memoria fuera de límites puede ocurrir mientras se calculan los requisitos de alineación para un ancho negativo de componentes externos en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 290EXPL: 0CVE-2020-11160
https://notcve.org/view.php?id=CVE-2020-11160
09 Jun 2021 — Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un problema de filtración de recursos durante el registro del cliente dci debido al reconteo de referencias no es reducido si el registro del cliente dci comete un fallo en los productos Snapdragon Auto, Snapdragon Compute, S... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.4EPSS: 0%CPEs: 1006EXPL: 0CVE-2020-11159
https://notcve.org/view.php?id=CVE-2020-11159
09 Jun 2021 — Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una sobrelectura del búfer puede ocurrir mientras se procesa WPA, RSN IE de la baliza y la... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 650EXPL: 0CVE-2020-11134
https://notcve.org/view.php?id=CVE-2020-11134
09 Jun 2021 — Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible escritura fuera de límites de la pila en... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 782EXPL: 0CVE-2020-11126
https://notcve.org/view.php?id=CVE-2020-11126
09 Jun 2021 — Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible lectura fuera de límites mientras se analiza la trama WLAN debido a una falta de comprobación de la longitud del cuerpo y del encabezado en los p... • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •