7 matches found
CVE-2023-21666
CVE-2023-21666 refers to memory corruption in graphics when accessing a buffer allocated through the graphics pool, tied to Qualcomm Adreno KGSL. The PacketStorm article documents a vulnerability class where, on KGSL builds without CONFIG_QCOM_KGSL_USE_SHMEM (or older KGSL versions without it), G...
CVE-2023-21665
CVE-2023-21665 describes memory corruption in the Qualcomm Adreno KGSL graphics driver. The connected packetstorm entry details an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr(), which is reachable via IOCTL_KGSL_MAP_USER_MEM and can bypass sanity checks on VMA...
CVE-2022-40532
CVE-2022-40532 affects Qualcomm WLAN/WMI command handling, where memory corruption can occur due to an integer overflow or wraparound when sending a WMI command from the host to the target. The issue is tied to Qualcomm chipset/WLAN firmware and is described as memory corruption with potential hi...
CVE-2022-33302
CVE-2022-33302 describes a memory corruption in the Qualcomm User Identity Module caused by improper validation of an array index when the APN TLV length exceeds the command length. Documents reference this vulnerability across multiple feeds (NVD, Red Hat, PRION, CNNVD, CVE list) with the same d...
CVE-2022-33289
Technical details about CVE-2022-33289 (affected products/versions/fix) are not provided in the supplied connected documents. Monitor for updates and additional authoritative disclosures.
CVE-2022-33296
CVE-2022-33296 describes memory corruption due to an integer overflow that becomes a buffer overflow in the Modem when parsing a Traffic Channel Neighbor List Update message. This affects Qualcomm modem components and is documented across multiple sources (NVD, Red Hat, CVE lists). The root cause...
CVE-2022-40504
CVE-2022-40504 describes a transient DoS caused by a reachable assertion in the Qualcomm modem when a UE processes a Downlink Data Indication. Connected sources identify the affected component as Qualcomm modem/firmware (e.g., 315 5G IoT Modem) with no public details on a patch or fix in the prov...