CVE-2019-14124 (kamorta_firmware, qcs404_firmware, rennell_firmware, sc7180_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8250_firmware, sxr2130_firmware)

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

View Full Alert

CVE-2019-14123 (kamorta_firmware, qcs404_firmware, rennell_firmware, sc7180_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8250_firmware, sxr2130_firmware)
Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile,…
CVE-2019-14073 (apq8009_firmware, apq8017_firmware, apq8053_firmware, apq8076_firmware, apq8096_firmware, apq8096au_firmware, apq8098_firmware, kamorta_firmware, mdm9150_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, mdm9615_firmware, mdm9635m_firmware, mdm9640_firmware, mdm9645_firmware, mdm9650_firmware, mdm9655_firmware, msm8905_firmware, msm8909_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8996au_firmware, msm8998_firmware, nicobar_firmware, qcm2150_firmware, qcs605_firmware, qm215_firmware, rennell_firmware, sa415m_firmware, sc7180_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm630_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdm850_firmware, sdx20_firmware, sdx24_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware, sxr1130_firmware)
Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in…
CVE-2019-10580 (mdm9607_firmware, msm8909w_firmware, nicobar_firmware, qcm2150_firmware, qcs405_firmware, qcs605_firmware, saipan_firmware, sc8180x_firmware, sdm429w_firmware, sdx55_firmware, sm8150_firmware, sm8250_firmware, sxr2130_firmware)
When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial…

Related Posts