CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2023-43518

Memory corruption in video while parsing invalid mp2 clip.

CVE-2024-33027

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

CVE-2024-33034

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

CVE-2024-38416

Information disclosure during audio playback.

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired ...

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

CVE-2022-33273

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

CVE-2022-33274

Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication.

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-28574

Memory corruption in core services when Diag handler receives a command to configure event listeners.

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVE-2024-23382

Memory corruption while processing graphics kernel driver request to create DMA fence.

CVE-2021-30340

Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2023-33085

Memory corruption in wearables while processing data from AON.

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

CVE-2024-33023

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruct...

CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...

CVE-2021-35094

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-25687

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-33219

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

CVE-2022-33234

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

CVE-2023-22384

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

CVE-2023-33099

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

CVE-2024-33015

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.

CVE-2021-1968

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

CVE-2022-40508

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.