CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

CVE-2023-33067

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2023-33057

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

CVE-2023-33101

Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

CVE-2022-40502

Transient DOS due to improper input validation in WLAN Host.

CVE-2022-40521

Transient DOS due to improper authorization in Modem

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

CVE-2023-33076

Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.

CVE-2023-43521

Memory corruption when multiple listeners are being registered with the same file descriptor.

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

CVE-2024-21463

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

CVE-2020-11187

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2024-38416

Information disclosure during audio playback.

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVE-2024-21452

Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.

CVE-2024-21458

Information disclosure while handling SA query action frame.

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2022-25687

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-33219

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVE-2023-33099

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVE-2023-33060

Transient DOS in Core when DDR memory check is called while DDR is not initialized.

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

CVE-2023-43549

Memory corruption while processing TPC target power table in FTM TPC.

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

CVE-2018-11928

Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, S...