Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for msm8916_firmware by qualcomm

    CVE-2021-1924 (GCVE-0-2021-1924)

    Vulnerability from nvd – Published: 2021-11-12 06:15 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    CWE
    • Cryptographic Issue in Core
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA402 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.420Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA402 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cryptographic Issue in Core",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-12T06:15:42.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-1924",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA4020, QCA4024, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6421, QCA6426, QCA6428, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA7500, QCA7520, QCA7550, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCA9531, QCA9558, QCA9561, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6125, QCM6490, QCN3018, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6122, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QFE1100, QFE1922, QFE1952, QRB5165, QRB5165N, QSM8250, QSM8350, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SC8280XP, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD480, SD632, SD662, SD665, SD675, SD678, SD690 5G, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD850, SD865 5G, SD870, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDXR1, SDXR2 5G, SM4125, SM6225, SM6250, SM6250P, SM6375, SM7250, SM7325, WCD9306, WCD9330, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3910, WCN3950, WCN3988, WCN3991, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WHS9410, WSA8830, WSA8835, WTR3925L"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9,
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cryptographic Issue in Core"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-1924",
        "datePublished": "2021-11-12T06:15:42.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1909 (GCVE-0-2021-1909)

    Vulnerability from nvd – Published: 2021-09-09 07:35 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    CWE
    • Buffer Copy Without Checking Size of Input in Core
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.203Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Core",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-09T07:35:41.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-1909",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA4020, QCA4024, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA7500, QCA7520, QCA7550, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9561, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6125, QCM6490, QCN3018, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6122, QCN7605, QCN7606, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QFE1100, QFE1922, QFE1952, QRB5165, QSM8250, QSM8350, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SC8280XP, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD480, SD632, SD662, SD665, SD670, SD675, SD678, SD690 5G, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD835, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, WCD9306, WCD9330, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WHS9410, WSA8830, WSA8835, WTR3925L"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7.3,
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Core"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-1909",
        "datePublished": "2021-09-09T07:35:41.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11269 (GCVE-0-2020-11269)

    Vulnerability from nvd – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow in WLAN
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A,  ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow in WLAN",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:57.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11269",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8018, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350B, PM8350BH, PM8350BHS, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8952, PM8953, PM8956, PM8994, PM8996, PM8998, PMC1000H, PMD9607, PMD9635, PMD9645, PMD9655, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK7350, PMK8001, PMK8002, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8920AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMW3100, PMX20, PMX24, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5568, QBT1000, QBT1500, QBT2000, QCA0000, QCA1023, QCA1990, QCA1990A, QCA4004, QCA4010, QCA4020, QCA4024, QCA4531, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9369, QCA9377, QCA9378, QCA9378A, QCA9379, QCA9531, QCA9558, QCA9561, QCA9563, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9896, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCC1110, QCC112, QCM6125, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5500, QCN5501, QCN5502, QCN7605, QCN7606, QCN9000, QCN9022, QCN9024, QCN9074, QCS405, QCS603, QCS605, QCS6125, QDM2301, QDM2302, QDM2307, QDM2308, QDM2310, QDM3301, QDM3302, QDM4643, QDM4650, QDM5579, QDM5620, QDM5621, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE1035, QFE1040, QFE1045, QFE1055, QFE1100, QFE1101, QFE1520, QFE1550, QFE1922, QFE1952, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, QFE3440FC, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE4309, QFE4320, QFE4373FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4340, QPA4360, QPA4361, QPA5373, QPA5460, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPM2630, QPM4650, QPM5541, QPM5577, QPM5579, QPM5621, QPM5670, QPM5677, QPM5679, QPM6325, QPM6375, QPM6585, QPM8820, QPM8870, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, Qualcomm215, RGR7640AU, RSW8577, SA415M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD662, SD665, SD670, SD675, SD710, SD712, SD720G, SD730, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SDA429W, SDM429W, SDM630, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR8150, SDR8250, SDR845, SDR865, SDW2500, SDW3100, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7350, SMB1350, SMB1351, SMB1354, SMB1355, SMB1357, SMB1358, SMB1360, SMB1380, SMB1381, SMB1390, SMB1394, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358S, SMR525, SMR526, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6856, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR1625L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3925L, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow in WLAN"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11269",
        "datePublished": "2021-02-22T06:25:57.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11204 (GCVE-0-2020-11204)

    Vulnerability from nvd – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in Qualcomm IPC
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in Qualcomm IPC",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, PM8998, PMC1000H, PMC7180, PMD9607, PMD9645, PMD9655, PMD9655AU, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK7350, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMW3100, PMX20, PMX24, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA4004, QCA4020, QCA4024, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCA9888, QCA9889, QCA9984, QCC112, QCM2290, QCM4290, QCM6125, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QDM2301, QDM2302, QDM2305, QDM2307, QDM2308, QDM2310, QDM3301, QDM3302, QDM4643, QDM4650, QDM5579, QDM5620, QDM5621, QDM5650, QDM5652, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE1035, QFE1040, QFE1045, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2340, QFE2520, QFE2550, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, QFE3440FC, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE4309, QFE4320, QFE4373FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QFS2608, QFS2630, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4340, QPA4360, QPA4361, QPA5373, QPA5460, QPA5461, QPA5580, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPA8842, QPM2630, QPM4621, QPM4630, QPM4640, QPM4641, QPM4650, QPM5541, QPM5577, QPM5579, QPM5620, QPM5621, QPM5641, QPM5657, QPM5658, QPM5670, QPM5677, QPM5679, QPM5870, QPM5875, QPM6325, QPM6375, QPM6582, QPM6585, QPM6621, QPM6670, QPM8820, QPM8830, QPM8870, QPM8895, QSM7250, QSM8250, QSM8350, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, Qualcomm215, RGR7640AU, RSW8577, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD662, SD665, SD670, SD675, SD690 5G, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR735, SDR735G, SDR8150, SDR8250, SDR845, SDR865, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM4350, SM6250, SM6250P, SM7250P, SM7350, SMB1350, SMB1351, SMB1354, SMB1355, SMB1357, SMB1358, SMB1360, SMB1380, SMB1381, SMB1390, SMB1394, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358, SMR525, SMR526, SMR545, SMR546, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6856, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in Qualcomm IPC"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11204",
        "datePublished": "2021-02-22T06:25:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11195 (GCVE-0-2020-11195)

    Vulnerability from nvd – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in HLOS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Affected: APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA40 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA40 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in HLOS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:54.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA4004, QCA4020, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA8337, QCA9367, QCA9377, QCA9379, QCM2290, QCM4290, QCM6125, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QDM2301, QDM2302, QDM2305, QDM2307, QDM2308, QDM2310, QDM3301, QDM4643, QDM4650, QDM5620, QDM5621, QDM5650, QDM5652, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2550, QFE3100, QFE3320, QFE3440FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QFS2608, QFS2630, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4360, QPA4361, QPA5460, QPA5461, QPA5580, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPA8842, QPM2630, QPM4621, QPM4630, QPM4640, QPM4641, QPM4650, QPM5541, QPM5577, QPM5579, QPM5620, QPM5621, QPM5641, QPM5657, QPM5658, QPM5670, QPM5677, QPM5679, QPM5870, QPM5875, QPM6325, QPM6375, QPM6582, QPM6585, QPM6621, QPM6670, QPM8820, QPM8830, QPM8870, QPM8895, QSM7250, QSM8250, QSM8350, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, RGR7640AU, SA415M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 675, SD 8C, SD 8CX, SD205, SD210, SD460, SD662, SD665, SD670, SD675, SD690 5G, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SD888 5G, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR735, SDR735G, SDR8150, SDR8250, SDR845, SDR865, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM4350, SM6250, SM6250P, SM7250P, SMB1350, SMB1351, SMB1354, SMB1355, SMB1360, SMB1380, SMB1381, SMB1390, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358, SMR525, SMR526, SMR545, SMR546, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6750, WCN6850, WCN6851, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in HLOS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11195",
        "datePublished": "2021-02-22T06:25:54.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.437Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1924 (GCVE-0-2021-1924)

    Vulnerability from cvelistv5 – Published: 2021-11-12 06:15 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    CWE
    • Cryptographic Issue in Core
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA402 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.420Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA402 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cryptographic Issue in Core",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-12T06:15:42.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-1924",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8056, APQ8062, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA4020, QCA4024, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6421, QCA6426, QCA6428, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA7500, QCA7520, QCA7550, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCA9531, QCA9558, QCA9561, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6125, QCM6490, QCN3018, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6122, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QFE1100, QFE1922, QFE1952, QRB5165, QRB5165N, QSM8250, QSM8350, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SC8280XP, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD480, SD632, SD662, SD665, SD675, SD678, SD690 5G, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD850, SD865 5G, SD870, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDXR1, SDXR2 5G, SM4125, SM6225, SM6250, SM6250P, SM6375, SM7250, SM7325, WCD9306, WCD9330, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3910, WCN3950, WCN3988, WCN3991, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WHS9410, WSA8830, WSA8835, WTR3925L"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9,
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cryptographic Issue in Core"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-1924",
        "datePublished": "2021-11-12T06:15:42.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1909 (GCVE-0-2021-1909)

    Vulnerability from cvelistv5 – Published: 2021-09-09 07:35 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    CWE
    • Buffer Copy Without Checking Size of Input in Core
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.203Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Core",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-09T07:35:41.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-1909",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, AR9580, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM8635M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9330, MDM9607, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM8937, PMD9635, PMP8074, QCA10901, QCA1990, QCA4004, QCA4020, QCA4024, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA7500, QCA7520, QCA7550, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9561, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6125, QCM6490, QCN3018, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN6122, QCN7605, QCN7606, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QFE1100, QFE1922, QFE1952, QRB5165, QSM8250, QSM8350, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SC8280XP, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD480, SD632, SD662, SD665, SD670, SD675, SD678, SD690 5G, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD835, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, WCD9306, WCD9330, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WHS9410, WSA8830, WSA8835, WTR3925L"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7.3,
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Core"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-1909",
        "datePublished": "2021-09-09T07:35:41.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11269 (GCVE-0-2020-11269)

    Vulnerability from cvelistv5 – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow in WLAN
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A,  ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow in WLAN",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:57.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11269",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8039, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8084, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9205, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9250, MDM9310, MDM9330, MDM9607, MDM9609, MDM9615, MDM9625, MDM9625M, MDM9626, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8929, MSM8937, MSM8939, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8018, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350B, PM8350BH, PM8350BHS, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8952, PM8953, PM8956, PM8994, PM8996, PM8998, PMC1000H, PMD9607, PMD9635, PMD9645, PMD9655, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK7350, PMK8001, PMK8002, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8920AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMW3100, PMX20, PMX24, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5568, QBT1000, QBT1500, QBT2000, QCA0000, QCA1023, QCA1990, QCA1990A, QCA4004, QCA4010, QCA4020, QCA4024, QCA4531, QCA6164, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9369, QCA9377, QCA9378, QCA9378A, QCA9379, QCA9531, QCA9558, QCA9561, QCA9563, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9890, QCA9896, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9987, QCA9990, QCA9992, QCA9994, QCC1110, QCC112, QCM6125, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5500, QCN5501, QCN5502, QCN7605, QCN7606, QCN9000, QCN9022, QCN9024, QCN9074, QCS405, QCS603, QCS605, QCS6125, QDM2301, QDM2302, QDM2307, QDM2308, QDM2310, QDM3301, QDM3302, QDM4643, QDM4650, QDM5579, QDM5620, QDM5621, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE1035, QFE1040, QFE1045, QFE1055, QFE1100, QFE1101, QFE1520, QFE1550, QFE1922, QFE1952, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, QFE3440FC, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE4309, QFE4320, QFE4373FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4340, QPA4360, QPA4361, QPA5373, QPA5460, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPM2630, QPM4650, QPM5541, QPM5577, QPM5579, QPM5621, QPM5670, QPM5677, QPM5679, QPM6325, QPM6375, QPM6585, QPM8820, QPM8870, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, Qualcomm215, RGR7640AU, RSW8577, SA415M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD662, SD665, SD670, SD675, SD710, SD712, SD720G, SD730, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SDA429W, SDM429W, SDM630, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR8150, SDR8250, SDR845, SDR865, SDW2500, SDW3100, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7350, SMB1350, SMB1351, SMB1354, SMB1355, SMB1357, SMB1358, SMB1360, SMB1380, SMB1381, SMB1390, SMB1394, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358S, SMR525, SMR526, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6856, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR1625L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3925L, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow in WLAN"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11269",
        "datePublished": "2021-02-22T06:25:57.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11204 (GCVE-0-2020-11204)

    Vulnerability from cvelistv5 – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in Qualcomm IPC
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in Qualcomm IPC",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8016, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8084, APQ8096AU, AQT1000, AR8031, AR8035, AR8151, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM215, PM3003A, PM4125, PM4250, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8953, PM8996, PM8998, PMC1000H, PMC7180, PMD9607, PMD9645, PMD9655, PMD9655AU, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK7350, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMW3100, PMX20, PMX24, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA4004, QCA4020, QCA4024, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCA9888, QCA9889, QCA9984, QCC112, QCM2290, QCM4290, QCM6125, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5550, QCN6023, QCN6024, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QDM2301, QDM2302, QDM2305, QDM2307, QDM2308, QDM2310, QDM3301, QDM3302, QDM4643, QDM4650, QDM5579, QDM5620, QDM5621, QDM5650, QDM5652, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE1035, QFE1040, QFE1045, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2340, QFE2520, QFE2550, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, QFE3440FC, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE4309, QFE4320, QFE4373FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QFS2608, QFS2630, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4340, QPA4360, QPA4361, QPA5373, QPA5460, QPA5461, QPA5580, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPA8842, QPM2630, QPM4621, QPM4630, QPM4640, QPM4641, QPM4650, QPM5541, QPM5577, QPM5579, QPM5620, QPM5621, QPM5641, QPM5657, QPM5658, QPM5670, QPM5677, QPM5679, QPM5870, QPM5875, QPM6325, QPM6375, QPM6582, QPM6585, QPM6621, QPM6670, QPM8820, QPM8830, QPM8870, QPM8895, QSM7250, QSM8250, QSM8350, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, Qualcomm215, RGR7640AU, RSW8577, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD662, SD665, SD670, SD675, SD690 5G, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SD888 5G, SDA429W, SDM429W, SDM630, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR735, SDR735G, SDR8150, SDR8250, SDR845, SDR865, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM4350, SM6250, SM6250P, SM7250P, SM7350, SMB1350, SMB1351, SMB1354, SMB1355, SMB1357, SMB1358, SMB1360, SMB1380, SMB1381, SMB1390, SMB1394, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358, SMR525, SMR526, SMR545, SMR546, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6856, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in Qualcomm IPC"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11204",
        "datePublished": "2021-02-22T06:25:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11195 (GCVE-0-2020-11195)

    Vulnerability from cvelistv5 – Published: 2021-02-22 06:25 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
    Severity
    No CVSS data available.
    CWE
    • Improper Input Validation in HLOS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Affected: APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA40 ...[truncated*]
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA40 ...[truncated*]"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Input Validation in HLOS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T06:25:54.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
            }
          ],
          "x_ConverterErrors": {
            "version_name": {
              "error": "version_name too long. Use array of versions to record more than one version.",
              "message": "Truncated!"
            }
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8016, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8916, MSM8996AU, PM3003A, PM4125, PM4250, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMD9607, PMD9655, PMD9655AU, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1000, QBT1500, QBT2000, QCA1990, QCA4004, QCA4020, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA8337, QCA9367, QCA9377, QCA9379, QCM2290, QCM4290, QCM6125, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QDM2301, QDM2302, QDM2305, QDM2307, QDM2308, QDM2310, QDM3301, QDM4643, QDM4650, QDM5620, QDM5621, QDM5650, QDM5652, QDM5670, QDM5671, QDM5677, QDM5679, QET4100, QET4101, QET4200AQ, QET5100, QET5100M, QET6100, QET6110, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2550, QFE3100, QFE3320, QFE3440FC, QFE4455FC, QFE4465FC, QFS2530, QFS2580, QFS2608, QFS2630, QLN1020, QLN1021AQ, QLN1030, QLN1031, QLN1035BD, QLN1036AQ, QLN4640, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA4360, QPA4361, QPA5460, QPA5461, QPA5580, QPA5581, QPA6560, QPA8673, QPA8675, QPA8686, QPA8688, QPA8801, QPA8802, QPA8803, QPA8821, QPA8842, QPM2630, QPM4621, QPM4630, QPM4640, QPM4641, QPM4650, QPM5541, QPM5577, QPM5579, QPM5620, QPM5621, QPM5641, QPM5657, QPM5658, QPM5670, QPM5677, QPM5679, QPM5870, QPM5875, QPM6325, QPM6375, QPM6582, QPM6585, QPM6621, QPM6670, QPM8820, QPM8830, QPM8870, QPM8895, QSM7250, QSM8250, QSM8350, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC800T, QTC801S, QTM525, QTM527, RGR7640AU, SA415M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 675, SD 8C, SD 8CX, SD205, SD210, SD460, SD662, SD665, SD670, SD675, SD690 5G, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SD888 5G, SDM830, SDR051, SDR052, SDR105, SDR425, SDR660, SDR660G, SDR675, SDR735, SDR735G, SDR8150, SDR8250, SDR845, SDR865, SDX24, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM4350, SM6250, SM6250P, SM7250P, SMB1350, SMB1351, SMB1354, SMB1355, SMB1360, SMB1380, SMB1381, SMB1390, SMB1395, SMB1396, SMB1398, SMB231, SMB2351, SMB358, SMR525, SMR526, SMR545, SMR546, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6750, WCN6850, WCN6851, WGR7640, WHS9410, WSA8810, WSA8815, WSA8830, WSA8835, WTR1605, WTR1605L, WTR2955, WTR2965, WTR3905, WTR3925, WTR3950, WTR4605, WTR4905, WTR5975, WTR6955"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation in HLOS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11195",
        "datePublished": "2021-02-22T06:25:54.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.437Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }