u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Memory corruption while executing timestamp video decode command with large input values.
Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vulnerability potentially leading to a buffer overflow.
Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Memory corruption when programming registers through virtual CDM.
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption while reading the FW response from the shared queue.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Memory corruption while receiving a message in Bus Socket Transport Server.
Memory corruption in Core due to stack-based buffer overflow.
Memory corruption in core due to stack-based buffer overflow
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Memory corruption in Audio when SSR event is triggered after music playback is stopped.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory corruption in Audio while processing the VOC packet data from ADSP.
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
Memory corruption while using the UIM diag command to get the operators name.
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.
Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.
Memory corruption in Automotive Android OS due to improper input validation.
Memory corruption in Linux while sending DRM request.
Memory corruption in Automotive due to improper input validation.
Memory corruption while processing input message passed from FE driver.
Memory corruption may occur during communication between primary and guest VM.
Memory corruption may occur due to improper input validation in clock device.