CPE Details
Qualcomm VIDEO COLLABORATION VC1 -
-
2023-07-10
09h07 +00:00
09h07 +00:00
2023-08-25
05h10 +00:00
05h10 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*
Informations
Vendor
qualcommProduct
video_collaboration_vc1Version
-Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. | 7.8 |
Haute |
||
| Memory corruption while reading the FW response from the shared queue. | 7.8 |
Haute |
||
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. | 7.8 |
Haute |
||
| Memory corruption during concurrent access to server info object due to unprotected critical field. | 7.8 |
Haute |
||
| Transient DOS may occur while processing the country IE. | 7.5 |
Haute |
||
| Memory corruption in display driver while detaching a device. | 7.8 |
Haute |
||
| Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
Haute |
||
| Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
Moyen |
||
| While processing the authentication message in UE, improper authentication may lead to information disclosure. | 5.4 |
Moyen |
||
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | 7.5 |
Haute |
||
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | 6.1 |
Moyen |
||
| Memory corruption while maintaining memory maps of HLOS memory. | 7.8 |
Haute |
||
| Memory corruption while processing IOCTL call for getting group info. | 7.8 |
Haute |
||
| Memory corruption while processing concurrent IOCTL calls. | 7.8 |
Haute |
||
| Memory corruption when two threads try to map and unmap a single node simultaneously. | 8.4 |
Haute |
||
| Memory corruption when user provides data for FM HCI command control operations. | 7.8 |
Haute |
||
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | 7.5 |
Haute |
||
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | 7.5 |
Haute |
||
| Memory corruption when BTFM client sends new messages over Slimbus to ADSP. | 8.4 |
Haute |
||
| Memory corruption when Alternative Frequency offset value is set to 255. | 7.8 |
Haute |
||
| Information disclosure in Video while parsing mp2 clip with invalid section length. | 8.2 |
Haute |
||
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. | 9.1 |
Critique |
||
| Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. | 8.4 |
Haute |
||
| Memory corruption when the payload received from firmware is not as per the expected protocol size. | 7.8 |
Haute |
||
| Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. | 8.4 |
Haute |
||
| Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received. | 7.5 |
Haute |
||
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. | 6.1 |
Moyen |
||
| Information disclosure while parsing dts header atom in Video. | 6.8 |
Moyen |
||
| Memory corruption when multiple listeners are being registered with the same file descriptor. | 7.8 |
Haute |
||
| Memory corruption when there is failed unmap operation in GPU. | 8.4 |
Haute |
||
| Transient DOS while decoding message of size that exceeds the available system memory. | 7.5 |
Haute |
||
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | 5.5 |
Moyen |
||
| Memory corruption while processing finish_sign command to pass a rsp buffer. | 8.4 |
Haute |
||
| Memory corruption in SPS Application while requesting for public key in sorter TA. | 8.4 |
Haute |
||
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | 7.8 |
Haute |
||
| Memory corruption while parsing qcp clip with invalid chunk data size. | 9.8 |
Critique |
||
| Memory corruption while invoking IOCTLs calls in Automotive Multimedia. | 8.4 |
Haute |
||
| Memory corruption while invoking HGSL IOCTL context create. | 8.4 |
Haute |
||
| Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. | 7.5 |
Haute |
||
| Memory corruption in Audio while processing RT proxy port register driver. | 8.4 |
Haute |
||
| Memory corruption in Core Services while executing the command for removing a single event listener. | 9.3 |
Critique |
||
| Memory Corruption in WLAN HOST while fetching TX status information. | 7.8 |
Haute |
||
| Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. | 7.8 |
Haute |
||
| Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. | 7.8 |
Haute |
||
| Memory Corruption in WLAN HOST while parsing QMI response message from firmware. | 7.8 |
Haute |
||
| Memory Corruption in Audio while allocating the ion buffer during the music playback. | 8.4 |
Haute |
||
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | 7.8 |
Haute |
||
| Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. | 7.8 |
Haute |
||
| Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. | 7.8 |
Haute |
||
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. | 6.8 |
Moyen |
