Sdm429w Firmware Security Vulnerabilities

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring...

CVE-2023-33068

Memory corruption in Audio while processing IIR config data from AFE calibration...

CVE-2023-33069

Memory corruption in Audio while processing the calibration data returned from ACDB...

CVE-2023-33067

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap...

CVE-2023-33064

Transient DOS in Audio when invoking callback function of ASM...

CVE-2023-33065

Information disclosure in Audio while accessing AVCS services from ADSP...

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in...

CVE-2023-33033

Memory corruption in Audio during playback with speaker...

CVE-2023-33030

Memory corruption in HLOS while running playready...

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...

CVE-2023-33070

Transient DOS in Automotive OS due to improper authentication to the secure IO...

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to...

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter...

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory...

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from...

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data...

CVE-2023-28570

Memory corruption while processing audio...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP...

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted...

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE...

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA...

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in...

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one...

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified...

CVE-2022-40510

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS...

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR...

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory...

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music...

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use...

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header...

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response...

CVE-2023-21669

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source...

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged...

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from...

CVE-2023-21661

Transient DOS while parsing WLAN beacon or probe-response...

CVE-2022-40521

Transient DOS due to improper authorization in...

CVE-2022-33227

Memory corruption in Linux android due to double free while calling unregister provider after register...

CVE-2022-33267

Memory corruption in Linux while sending DRM...

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read...

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics...

CVE-2023-21665

Memory corruption in Graphics while importing a...

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP...

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...