Vulnerabilities > Qualcomm > Pm8953 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-04-07 CVE-2020-11255 Memory Leak vulnerability in Qualcomm products
Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm CWE-401
7.5
2021-04-07 CVE-2020-11251 Out-of-bounds Read vulnerability in Qualcomm products
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
critical
9.1
2021-04-07 CVE-2020-11247 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
critical
9.1
2021-04-07 CVE-2020-11246 Double Free vulnerability in Qualcomm products
A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-415
7.8
2021-04-07 CVE-2020-11234 Use After Free vulnerability in Qualcomm products
When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8
2021-04-07 CVE-2020-11231 Double Free vulnerability in Qualcomm products
Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-415
6.7
2021-04-07 CVE-2020-11191 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.1
2021-03-17 CVE-2020-11309 Use After Free vulnerability in Qualcomm products
Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8
2021-03-17 CVE-2020-11305 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
low complexity
qualcomm CWE-119
6.8
2021-03-17 CVE-2020-11299 Classic Buffer Overflow vulnerability in Qualcomm products
Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-120
critical
9.8