Qcs405 Security Vulnerabilities

CVE-2023-28543

A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote...

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS...

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in...

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one...

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after...

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified...

CVE-2022-40510

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS...

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata...

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization...

CVE-2022-40537

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP...

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID...

CVE-2022-22075

Information Disclosure in Graphics during GPU context...

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP...

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command...

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU...

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust...

CVE-2022-33245

Memory corruption in WLAN due to use after...

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in...

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response...

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or...

CVE-2022-33280

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI...

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF...

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi...

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into...

CVE-2022-25738

Information disclosure in modem due to buffer over-red while performing checksum of packet...

CVE-2022-25732

Information disclosure in modem due to buffer over read in dns client due to missing length...

CVE-2022-33229

Information disclosure due to buffer over-read in Modem while using static array to process IPv4...

CVE-2022-25733

Denial of service in modem due to null pointer dereference while processing DNS...

CVE-2022-25734

Denial of service in modem due to missing null check while processing IP packets with...

CVE-2022-25735

Denial of service in modem due to missing null check while processing TCP or UDP packets from...

CVE-2022-25728

Information disclosure in modem due to buffer over-read while processing response from DNS...

CVE-2022-40517

Memory corruption in core due to stack-based buffer...

CVE-2022-40518

Information disclosure due to buffer overread in...

CVE-2022-40519

Information disclosure due to buffer overread in...

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified...

CVE-2022-40516

Memory corruption in Core due to stack-based buffer...

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management...

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action...

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is...

CVE-2022-33299

Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length...

CVE-2022-33255

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer...

CVE-2022-22088

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from...

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...