Msm8909 firmware

This hub aggregates every CVE we track for Msm8909 firmware, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Msm8909 firmware.

• CVE-2020-3639u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Con...9.8Nov 12, 2020
• CVE-2020-11196u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Indust...9.8Nov 12, 2020
• CVE-2020-11193u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industri...9.8Nov 12, 2020
• CVE-2020-11132u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial I...7.1Nov 12, 2020
• CVE-2020-11123u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the ...5.5Nov 12, 2020
• CVE-2020-3644u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap...5.5Sep 8, 2020
• CVE-2020-3643u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon ...5.5Sep 8, 2020
• CVE-2020-3624u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...7.8Sep 8, 2020
• CVE-2020-3622u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdrago...7.8Sep 8, 2020
• CVE-2020-3621u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in S...5.5Sep 8, 2020
• CVE-2020-3620u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon ...5.5Sep 8, 2020
• CVE-2020-3619u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connect...7.0Sep 8, 2020
• CVE-2019-14115u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-se...5.5Sep 8, 2020
• CVE-2019-14074u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Co...7.8Sep 8, 2020
• CVE-2019-14065u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mob...7.8Sep 8, 2020