Qualcomm ≫ Sd 820 Firmware

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR113...

Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/1...

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM96...

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MD...

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA...

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA658...

There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A...

During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM96...

ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52,...

XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640,...