CVE-2022-33240

Memory corruption in Audio due to incorrect type cast during audio use-cases.

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

CVE-2022-40522

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

CVE-2023-33095

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

CVE-2021-35092

Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-35122

Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-22060

Assertion occurs while processing Reconfiguration message due to improper validation

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-33251

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

CVE-2022-33270

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

CVE-2023-33039

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

CVE-2024-21458

Information disclosure while handling SA query action frame.

CVE-2020-11188

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

CVE-2020-11292

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...

CVE-2021-1952

Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

CVE-2022-22081

Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-25664

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-25695

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

CVE-2023-21624

Information disclosure in DSP Services while loading dynamic module.

CVE-2023-21646

Transient DOS in Modem while processing invalid System Information Block 1.

CVE-2023-21648

Memory corruption in RIL while trying to send apdu packet.

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

CVE-2023-33070

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2020-11191

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon ...

CVE-2021-35113

Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2021-35118

An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-22062

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapd...

CVE-2022-22105

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.