Data token is received from ADSP and is used without validation as an index into the array leads to out of bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
View Full Alert
Related Posts
CVE-2018-13897 (mdm9206_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8909w_firmware, msm8996au_firmware, qcs605_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_636_firmware, sd_650_firmware, sd_652_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_855_firmware, sda660_firmware, sdm630_firmware, sdm660_firmware)Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
CVE-2019-2322 (mdm9150_firmware, mdm9206_firmware, mdm9607_firmware, mdm9650_firmware, msm8909w_firmware, msm8996au_firmware, qcs405_firmware, qcs605_firmware, qualcomm_215_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_425_firmware, sd_427_firmware, sd_429_firmware, sd_430_firmware, sd_435_firmware, sd_439_firmware, sd_450_firmware, sd_600_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_632_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sda660_firmware, sdm439_firmware, sdm630_firmware, sdm660_firmware, sdx20_firmware, snapdragon_high_med_2016_firmware)Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice…
CVE-2019-2316 (mdm9640_firmware, qcs405_firmware, qcs605_firmware, sd_425_firmware, sd_427_firmware, sd_430_firmware, sd_435_firmware, sd_450_firmware, sd_625_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm660_firmware, sdx24_firmware)When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605,…
