Snapdragon 855 860 Firmware
Monthly
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Linux while calling system configuration APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Linux while calling system configuration APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.