Vulnerabilities > Qualcomm > SD 625 > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-25 CVE-2019-2345 Race Condition vulnerability in Qualcomm products
Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM660, SDX20, SDX24
4.4
2019-07-25 CVE-2019-2330 Improper Input Validation vulnerability in Qualcomm products
improper input validation in allocation request for secure allocations can lead to page fault.
local
low complexity
qualcomm CWE-20
4.9
2019-07-25 CVE-2019-2312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, MDM9640, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24
local
low complexity
qualcomm CWE-119
4.6
2019-07-25 CVE-2019-2306 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
local
low complexity
qualcomm CWE-704
4.6
2019-07-25 CVE-2019-2301 Out-of-bounds Read vulnerability in Qualcomm products
Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9980, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24
local
low complexity
qualcomm CWE-125
4.6
2019-07-25 CVE-2019-2299 Out-of-bounds Write vulnerability in Qualcomm products
An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application.
local
low complexity
qualcomm CWE-787
4.6
2019-07-25 CVE-2019-2298 Use After Free vulnerability in Qualcomm products
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDM660, SDX20, SDX24
local
low complexity
qualcomm CWE-416
4.6
2019-07-25 CVE-2019-2293 Use After Free vulnerability in Qualcomm products
Pointer dereference while freeing IFE resources due to lack of length check of in port resource.
local
low complexity
qualcomm CWE-416
4.6
2019-07-25 CVE-2019-2290 Use After Free vulnerability in Qualcomm products
Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016
local
low complexity
qualcomm CWE-416
4.6
2019-07-25 CVE-2019-2272 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Buffer overflow can occur in display function due to lack of validation of header block size set by user.
local
low complexity
qualcomm CWE-119
4.6