CVE-2025-47389 Buffer Copy Without Checking Size of Input in Automotive Platform

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

CVE-2025-47389

CVE-2025-47389 describes memory corruption caused by a buffer copy operation failing due to an integer overflow during attestation report generation. Documents identify the issue as applicable to an Automotive Platform, with the CVSS v3.1 base score 7.8 (HIGH) and LOCAL attack vector, LOW attack ...

CVE-2025-47389 Buffer Copy Without Checking Size of Input in Automotive Platform

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform

Cryptographic issue may occur while encrypting license data...

CVE-2025-47345

Technical details (affected products, versions, root cause, fixes) are not publicly provided in the connected documents. Monitor for updates from Qualcomm and related security bulletins.

CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform

Cryptographic issue may occur while encrypting license data...

CVE-2025-47365

CVE-2025-47365 concerns a memory corruption issue in Qualcomm Chipsets/Automotive Platform caused by processing large input data received from a remote source over a communication interface. The root cause is described as an integer overflow or wraparound in the affected data handling. Impact is ...

CVE-2025-47365 Integer Overflow or Wraparound in Automotive Platform

Memory corruption while processing large input data from a remote source via a communication interface...

CVE-2025-47365 Integer Overflow or Wraparound in Automotive Platform

Memory corruption while processing large input data from a remote source via a communication interface...

CVE-2025-47362 Buffer Over-read in Automotive Software platform based on QNX

Information disclosure while processing message from client with invalid payload...

CVE-2025-47362 Buffer Over-read in Automotive Software platform based on QNX

Information disclosure while processing message from client with invalid payload...

CVE-2025-47361 Improper Validation of Array Index in Automotive Software platform based on QNX

Memory corruption when triggering a subsystem crash with an out-of-range identifier...

CVE-2025-47360 Stack-based Buffer Overflow in Automotive Software platform based on QNX

Memory corruption while processing client message during device management...

PT-2025-44925

Name of the Vulnerable Software and Affected Versions Automotive Software platform based on QNX affected versions not specified Description A memory corruption issue exists when processing requests originating from GVM. The issue involves a dangerous method or function within the software platfor...

PT-2025-44929

Name of the Vulnerable Software and Affected Versions Automotive Software platform based on QNX affected versions not specified Description An information disclosure issue exists when processing messages from a client with an invalid payload. The issue involves a buffer over-read. Recommendations...

PT-2025-44930

Name of the Vulnerable Software and Affected Versions Automotive Platform affected versions not specified Description A memory corruption issue exists when processing large input data received from a remote source through a communication interface. The issue is due to an integer overflow or...

CVE-2025-47314 Improper Input Validation in Automotive Software platform based on QNX

Memory corruption while processing data sent by FE driver...

CVE-2025-27077

CVE-2025-27077 pertains to memory corruption in Qualcomm chipsets when processing messages in a guest VM. The vulnerability affects the guest/VMM interaction, with the underlying cause described as memory corruption during message handling inside the VM. CVSS 3.1 vector indicates Local attack vec...

Android Automotive OS Update Bulletin—April 2024Stay organized with collectionsSave and categorize content based on your preferences.

The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2024-03-05 or later from the April 2024 Android Security Bulletin in addition to all issues in this...