CVE-2021-1940 – Qualcomm NPU Use-After-Free / Information Leak
https://notcve.org/view.php?id=CVE-2021-1940
Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un uso de la memoria previamente liberada puede ocurrir debido a un manejo inapropiado de la respuesta del firmware en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • http://packetstormsecurity.com/files/172856/Qualcomm-NPU-Use-After-Free-Information-Leak.html https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin • CWE-416: Use After Free •
CVE-2021-1937
https://notcve.org/view.php?id=CVE-2021-1937
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking La afirmación alcanzable es posible mientras se procesa el mensaje WLAN de asociación de pares desde el host y el paquete entrante no estándar en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-617: Reachable Assertion •
CVE-2021-1900
https://notcve.org/view.php?id=CVE-2021-1900
Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible uso de la memoria previamente liberada en Display debido a una condición de carrera mientras se crea una pantalla externa en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2020-11304
https://notcve.org/view.php?id=CVE-2020-11304
Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible lectura fuera de límites en DRM debido a una comprobación inapropiada de la longitud del búfer en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure y Networking • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-125: Out-of-bounds Read •
CVE-2020-11267
https://notcve.org/view.php?id=CVE-2020-11267
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una escritura fuera de límites de la pila se produce al configurar un dispositivo de cifrado si la longitud de IV proporcionada excede el valor límite máximo en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-787: Out-of-bounds Write •