Vulnerabilities > Qualcomm > Sdm429W Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2021-35098 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-119
6.7
6.7
2022-06-14 CVE-2021-35118 Out-of-bounds Write vulnerability in Qualcomm products
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
6.7
6.7
2022-06-14 CVE-2021-35120 Use After Free vulnerability in Qualcomm products
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
6.7
6.7
2021-11-12 CVE-2021-1924 Information Exposure Through Discrepancy vulnerability in Qualcomm products
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-203
5.5
5.5
2021-09-17 CVE-2021-1939 NULL Pointer Dereference vulnerability in Qualcomm products
Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
5.5
2021-09-09 CVE-2021-1935 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
5.5
2021-09-08 CVE-2021-1904 Incorrect Comparison vulnerability in Qualcomm products
Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-697
5.5
5.5
2021-07-13 CVE-2021-1899 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-125
4.6
4.6
2021-06-09 CVE-2020-11160 Integer Overflow or Wraparound vulnerability in Qualcomm products
Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-190
6.7
6.7
2021-05-07 CVE-2020-11293 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-125
6.0
6.0