Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption when allocating and accessing an entry in an SMEM partition.
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Memory corruption while copying packets received from unix clients.
memory corruption while processing an image encoding completion event.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
Memory corruption in Audio while processing IIR config data from AFE calibration block.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption while invoking callback function of AFE from ADSP.
Memory corruption while processing manipulated payload in video firmware.
Memory corruption while processing data packets in diag received from Unix clients.
Memory corruption while processing packet data with exceedingly large packet.
u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130
u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Kamorta, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SXR1130
When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130
Memory corruption in Core while processing control functions.
Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Memory Corruption in SPS Application while exporting public key in sorter TA.
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption while processing audio effects.
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
Memory corruption in Core Platform while printing the response buffer in log.
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory Corruption in Core Platform while printing the response buffer in log.
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
Memory corruption while processing the IOCTL FM HCI WRITE request.
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
Memory corruption while copying the sound model data from user to kernel buffer during sound model register.
Memory corruption in Core while processing RX intent request.