Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
Memory corruption in Audio during playback with speaker protection.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
Memory corruption while parsing the ADSP response command.
Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
Memory corruption while processing audio effects.
Memory corruption in WLAN HAL while handling command through WMI interfaces.
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
Memory corruption in TZ Secure OS while loading an app ELF.
Memory corruption in core services when Diag handler receives a command to configure event listeners.
Memory corruption while allocating memory in COmxApeDec module in Audio.
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
Memory Corruption in HLOS while registering for key provisioning notify.
Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Memory Corruption in Audio while playing amrwbplus clips with modified content.
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
Memory corruption in RIL while trying to send apdu packet.
Memory corruption in Automotive GPU while querying a gsl memory node.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption in Linux while calling system configuration APIs.
If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption in WLAN HAL while parsing WMI command parameters.
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
Memory Corruption while accessing metadata in Display.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory Corruption in Core Platform while printing the response buffer in log.