CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0CVE-2020-11240
https://notcve.org/view.php?id=CVE-2020-11240
Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de la memoria debido al tamaño del comando ioctl se estableció inapropiadamente en el tamaño de un puntero y no se asignó suficiente almacenamiento para la copia del argumento del usuario en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 812EXPL: 0CVE-2020-11239 – Qualcomm kgsl Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2020-11239
Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un uso de la memoria previamente liberada al importar un búfer DMA usando la dirección de CPU del búfer debido a que el archivo adjunto no se limpia correctamente en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 224EXPL: 0CVE-2020-11233
https://notcve.org/view.php?id=CVE-2020-11233
Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una condición de carrera de Time-of-check time-of-use mientras se procesaban las entradas de la partición debido al búfer recién diseñado, se volvió a leer desde mmc sin comprobación en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.1EPSS: 0%CPEs: 452EXPL: 0CVE-2020-11161
https://notcve.org/view.php?id=CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Un acceso a la memoria fuera de límites puede ocurrir mientras se calculan los requisitos de alineación para un ancho negativo de componentes externos en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 290EXPL: 0CVE-2020-11160
https://notcve.org/view.php?id=CVE-2020-11160
Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un problema de filtración de recursos durante el registro del cliente dci debido al reconteo de referencias no es reducido si el registro del cliente dci comete un fallo en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-190: Integer Overflow or Wraparound •