Sd 835 Firmware Security Vulnerabilities

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon...

CVE-2023-43518

Memory corruption in video while parsing invalid mp2...

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo...

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next...

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in...

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from...

CVE-2023-33033

Memory corruption in Audio during playback with speaker...

CVE-2023-33030

Memory corruption in HLOS while running playready...

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot...

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during...

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter...

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory...

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI...

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info...

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP...

CVE-2023-24847

Transient DOS in Modem while allocating DSM...

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE...

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command...

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI...

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI...

CVE-2023-28584

Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement...

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status...

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI...

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI...

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV...

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF...

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI...

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim...

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from...

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response...

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music...

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status...

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from...

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1...

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the...

CVE-2022-40521

Transient DOS due to improper authorization in...

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read...

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...

CVE-2019-10530

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU,...

CVE-2019-2246

Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574,...

CVE-2019-2323

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

CVE-2019-2331

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...