CVE-2019-10540 (ipq8074_firmware, msm8996au_firmware, qca6174a_firmware, qca6574au_firmware, qca8081_firmware, qca9377_firmware, qca9379_firmware, qcs404_firmware, qcs405_firmware, qcs605_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sd_8cx_firmware, sda660_firmware, sdm630_firmware, sdm660_firmware, sxr1130_firmware)

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130

View Full Alert

CVE-2019-2316 (mdm9640_firmware, qcs405_firmware, qcs605_firmware, sd_425_firmware, sd_427_firmware, sd_430_firmware, sd_435_firmware, sd_450_firmware, sd_625_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm660_firmware, sdx24_firmware)
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605,…
CVE-2019-10489 (mdm9206_firmware, mdm9607_firmware, msm8909w_firmware, msm8996au_firmware, qca6574au_firmware, qcs405_firmware, qcs605_firmware, qualcomm_215_firmware, sd_205_firmware, sd_210_firmware, sd_212_firmware, sd_415_firmware, sd_425_firmware, sd_427_firmware, sd_429_firmware, sd_430_firmware, sd_435_firmware, sd_439_firmware, sd_450_firmware, sd_600_firmware, sd_615_firmware, sd_616_firmware, sd_625_firmware, sd_632_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sda660_firmware, sdm439_firmware, sdm630_firmware, sdm660_firmware, sdx20_firmware)
Possible null-pointer dereference can occur while parsing avi clip during copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,…
CVE-2019-10506 (mdm9206_firmware, mdm9607_firmware, msm8996au_firmware, qca6174a_firmware, qca6574au_firmware, qca9377_firmware, qca9379_firmware, qcs605_firmware, sd_600_firmware, sd_625_firmware, sd_636_firmware, sd_665_firmware, sd_670_firmware, sd_675_firmware, sd_710_firmware, sd_712_firmware, sd_730_firmware, sd_820_firmware, sd_820a_firmware, sd_835_firmware, sd_845_firmware, sd_850_firmware, sd_855_firmware, sdm630_firmware, sdm660_firmware, sdx24_firmware)
While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto,…

Related Posts