| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption while handling session errors from firmware. |
| Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. |
| Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. |
| Memory corruption during the network scan request. |
| Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. |
| Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record. |
| Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario. |
| Information disclosure while parsing the multiple MBSSID IEs from the beacon. |
| Memory corruption while redirecting log file to any file location with any file name. |
| Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. |
| Transient DOS while parsing ESP IE from beacon/probe response frame. |
| Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. |
| Memory corruption while processing user packets to generate page faults. |
| Information disclosure while sending implicit broadcast containing APP launch information. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. |
| goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler. |
| Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions. |
| The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location. |
| goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on user-space length values for kernel-memory copies of procfs file content, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that provides crafted values. |
