Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.
Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Memory corruption in Automotive due to improper input validation.
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD 210/SD 212/SD 205, SD 400, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 810, and SD 820, an arbitrary length value from an incoming message to QMI Proxy can lead to an out-of-bounds write in the stack variable message.
Memory corruption while handling payloads from remote ESL.
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
Memory corruption when Alternative Frequency offset value is set to 255.
Memory corruption while processing MFC channel configuration during music playback.
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Memory corruption while executing timestamp video decode command with large input values.
Memory corruption while processing a malformed license file during reboot.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
Memory corruption while reading the FW response from the shared queue.
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
Memory corruption when programming registers through virtual CDM.
Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables
Memory corruption when user provides data for FM HCI command control operations.
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
Memory corruption in modem due to improper length check while copying into memory
Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
Memory correction in modem due to buffer overwrite during coap connection
Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
Memory corruption in Core due to improper configuration in boot remapper.
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
Memory corruption while processing input message passed from FE driver.
Memory corruption in video while parsing invalid mp2 clip.
Memory corruption while processing IOCTL handler in FastRPC.
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
Memory corruption during session sign renewal request calls in HLOS.
Memory corruption when keymaster operation imports a shared key.
Memory corruption when the channel ID passed by user is not validated and further used.
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
Memory corruption while redirecting log file to any file location with any file name.
Memory corruption when size of buffer from previous call is used without validation or re-initialization.
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Memory corruption while processing a secure logging command in the trusted application.
Memory corruption while invoking remote procedure IOCTL calls.