CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 0CVE-2020-11257
https://notcve.org/view.php?id=CVE-2020-11257
Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking Una corrupción de la memoria debido a una falta de comprobación de los argumentos del puntero pasados ??a TrustZone BSP en Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 0CVE-2020-11256
https://notcve.org/view.php?id=CVE-2020-11256
Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking Una corrupción de la memoria debido a una falta de comprobación de la validación del puntero al búfer pasado a TrustZone en Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 720EXPL: 0CVE-2020-11250
https://notcve.org/view.php?id=CVE-2020-11250
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un uso de la memoria previamente liberada debido a una condición de carrera mientras vuelve a abrir el controlador del dispositivo repetidamente en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure y Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 852EXPL: 0CVE-2020-11241
https://notcve.org/view.php?id=CVE-2020-11241
Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una lectura fuera de límites ocurrirá si la longitud de la clave EAPOL es menor de lo esperado mientras se procesa el atributo de descriptor de clave compartida NAN en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 804EXPL: 0CVE-2020-11238
https://notcve.org/view.php?id=CVE-2020-11238
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible sobrelectura del búfer en el análisis ARP/NS debido a una falta de comprobación de la longitud del paquete recibido en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •