Sm8350 Firmware Security Vulnerabilities

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

CVE-2023-33034

Memory corruption while parsing the ADSP response command.

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

CVE-2023-33043

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network.

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to DSP.

CVE-2023-33079

Memory corruption in Audio while running invalid audio recording from ADSP.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.