Qualcomm Security Vulnerabilities

CVE-2024-23354

Memory corruption when the IOCTL call is interrupted by a...

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol...

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model...

CVE-2023-43521

Memory corruption when multiple listeners are being registered with the same file...

CVE-2024-21476

Memory corruption when the channel ID passed by user is not validated and further...

CVE-2024-21480

Memory corruption while playing audio file having large-sized input...

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in...

CVE-2023-43531

Memory corruption while verifying the serialized header when the key pairs are...

CVE-2023-43526

Memory corruption while querying module parameters from Listen Sound model client in kernel from user...

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM)...

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or...

CVE-2023-43530

Memory corruption in HLOS while checking for the storage...

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is...

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

CVE-2024-23351

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC...

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected...

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected...

CVE-2023-43527

Information disclosure while parsing dts header atom in...

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit...

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3...

CVE-2023-33035

Memory corruption while invoking callback function of AFE from...

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk...

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management...

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK...

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor...

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI...

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI...

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI...

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in...

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF...

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available...

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS...

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in...

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning...

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory...

CVE-2023-22382

Weak configuration in Automotive while VM is processing a listener request from...

CVE-2023-21672

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording...

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged...

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information...

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input...

CVE-2023-21642

Memory corruption in HAB Memory management due to broad system privileges via physical...

CVE-2023-21639

Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL...

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from...

CVE-2022-40540

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux...

CVE-2022-40524

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP...

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by...

CVE-2022-40513

Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos...

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the...