Memory corruption in TZ Secure OS while loading an app ELF.
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 625, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24, SM7150
Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in multimedia driver due to untrusted pointer dereference while reading data from socket in Snapdragon Auto
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "data_len" from the function WLANQCMBR_McProcessMsg, a buffer overflow may potentially occur in WLANFTM_McProcessMsg.
Memory corruption when the captureRead QDCM command is invoked from user-space.
Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.
Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
Memory Corruption in HLOS while registering for key provisioning notify.
Memory corruption in kernel due to use after free issue in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT
Memory Corruption in Audio while allocating the ion buffer during the music playback.
Memory Corruption in Audio while invoking IOCTLs calls from the user-space.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Memory Corruption in Audio while playing amrwbplus clips with modified content.
Memory corruption in Linux while calling system configuration APIs.
Memoru corruption in Audio when ADSP sends input during record use case.
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
Memory Corruption due to improper validation of array index in Linux while updating adn record.
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
An app with non-privileged access can change global system brightness and cause undesired system behavior.
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
Memory Corruption while accessing metadata in Display.
Memory corruption in Graphics while importing a file.
Memory corruption due to untrusted pointer dereference in automotive during system call.
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
Memory corruption in Automotive GPU while querying a gsl memory node.
Memory corruption in Audio while validating and mapping metadata.
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
Memory corruption in RIL while trying to send apdu packet.
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
Memory corruption in WLAN HOST while receiving an WMI event from firmware.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
Memory corruption in Audio during playback session with audio effects enabled.