Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service that can occur when GVM sends a specific message type to the Vdev-FastRPC backend...

CLSA-2024-1731603213 Fix of 76 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...

SUSE CVE-2023-52918

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check cx23885vdevinit return cx23885vdevinit can return a NULL pointer, but that pointer is used in the next line without a check. Add a NULL pointer check and go to the error unwind if it is NULL...

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev...

Memory corruption

Memory corruption when processing cmd parameters while parsing vdev...

CVE-2023-33089 NULL Pointer Dereference in WLAN Firmware

Transient DOS when processing a NULL buffer while parsing WLAN vdev...

CVE-2023-33089

CVE-2023-33089 describes a Transient DoS in Qualcomm WLAN firmware caused by processing a NULL buffer during WLAN vdev parsing. The vulnerability is tracked across multiple feeds, with a CVSS v3.1 base score of 7.5 (High) and network attack vector without required user interaction. Connected docu...

CVE-2023-33088

CVE-2023-33088 relates to memory corruption when processing cmd parameters during vdev parsing in Qualcomm chipsets. The connected CVE record also references a NULL pointer dereference in WLAN Firmware as a related detail. Public data here does not provide explicit affected models, versions, or a...

CVE-2023-33088 NULL pointer dereference in WLAN Firmware

Memory corruption when processing cmd parameters while parsing vdev...

PT-2023-24179 · Qualcomm · 315 5G Iot Modem Firmware +273

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption when processing command parameters while parsing vdev. No information is provided about the estimated number of...

SUSE CVE-2019-12615

An issue was discovered in getvdevportnodeinfo in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdupconst of nodeinfo-vdevport.name, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash...

PT-2022-35067 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to an integer overflow in the rproc handle vdev function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm product...

Input validation

Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...

CVE-2018-5903

Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...

Linux kernel denial of service vulnerability (CNVD-2019-16599)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A denial of service vulnerability exists in the getvdevportnodeinfo file in arch/sparc/kernel/mdesc.c in Linux kernel 5.1.6 and earlier. The vulnerability stems from a...

Google Android QC WLAN wma_vdev_start_resp_handler() denial of service vulnerability

Google Android is a free and open source operating system based on Linux. A security vulnerability in Google Android QC WLAN wmavdevstartresphandler allows remote attackers to conduct denial of service attacks by submitting a special request using the vulnerability...

Google Android Qualcomm Wma management elevation of privilege vulnerability

Android on Google Pixel and Nexus is a Linux-based open source operating system for Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA.Qualcomm Wma management Qualcomm Wma management is a Qualcomm Wma digital audio compression format management component...