Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
Memory corruption while processing audio effects.
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
Memory corruption in TZ Secure OS while loading an app ELF.
Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
Memory corruption in WLAN HOST while receiving an WMI event from firmware.
Memory Corruption in Core Platform while printing the response buffer in log.
Memory corruption in Audio during playback session with audio effects enabled.
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memoru corruption in Audio when ADSP sends input during record use case.
Memory Corruption while accessing metadata in Display.
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
Memory corruption in RIL while trying to send apdu packet.
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).
Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in core due to stack-based buffer overflow
Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Memory corruption due to stack-based buffer overflow in Core
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,
Memory corruption in Core due to stack-based buffer overflow.
Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption when size of buffer from previous call is used without validation or re-initialization.
Memory corruption while processing data sent by FE driver.
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Memory corruption while processing MFC channel configuration during music playback.
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574, QCS605, Qualcomm 215, SD 425, SD 427, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130