Qualcomm Agatti_firmware
14 CVEs affecting Qualcomm Agatti_firmware. Latest disclosed: 2020-11-02. Critical: 4, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-3692 | Critical | 9.8 | 2020-11-02 | u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from serv… |
CVE-2020-3673 | Critical | 9.8 | 2020-11-02 | u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapd… |
CVE-2020-3654 | Critical | 9.8 | 2020-11-02 | u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Co… |
CVE-2020-3670 | Critical | 9.1 | 2020-11-02 | u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container'… |
CVE-2020-3690 | High | 7.8 | 2020-11-02 | u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon… |
CVE-2020-3684 | High | 7.8 | 2020-11-02 | u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in… |
CVE-2020-3678 | High | 7.8 | 2020-11-02 | u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon In… |
CVE-2020-3638 | High | 7.8 | 2020-11-02 | u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in Snapdragon Auto, Snap… |
CVE-2020-11174 | High | 7.8 | 2020-11-02 | u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdrago… |
CVE-2020-11164 | High | 7.8 | 2020-11-02 | u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon… |
CVE-2020-11162 | High | 7.8 | 2020-11-02 | u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon… |
CVE-2020-11125 | High | 7.8 | 2020-11-02 | u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Comp… |
CVE-2020-3704 | High | 7.5 | 2020-11-02 | u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dea… |
CVE-2020-11173 | High | 7.0 | 2020-11-02 | u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectiv… |