Snapdragon 820 Automotive Firmware
Monthly
Transient DOS while processing received beacon frame.
Transient DOS may occur while processing malformed length field in SSID IEs.
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption while processing input message passed from FE driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.
Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Transient DOS while processing received beacon frame.
Transient DOS may occur while processing malformed length field in SSID IEs.
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption while processing input message passed from FE driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.
Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.