Hhjack

**Name of the Vulnerable Software and Affected Versions** Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Connectivity (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon IoT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified) **Description** The issue is related to a potential out of bound read exception that occurs when a UE receives an unusually large number of padding octets in the beginning of the ROHC header. This affects various Snapdragon products. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) **Description** The issue is related to an integer overflow in boot due to an improper length check on arguments received. This affects Snapdragon Consumer IOT, Snapdragon Industrial IOT, and Snapdragon Voice & Music. **Recommendations** For Snapdragon Consumer IOT, restrict access to the boot process until a proper fix is applied. For Snapdragon Industrial IOT, consider implementing additional length checks on arguments received during boot as a temporary workaround. For Snapdragon Voice & Music, avoid using the affected boot process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Connectivity (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon IoT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified) **Description** The issue is related to an out of bound write while parsing an SDP string due to a missing check on null termination. This affects various Snapdragon products. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.