Qualcomm ≫ Sa9000p Firmware

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

Memory corruption in HAB Memory management due to broad system privileges via physical address.

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.

Memory corruption due to double free in core while initializing the encryption key.

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.