394 matches found
CVE-2023-28542
Memory Corruption in WLAN HOST while fetching TX status information.
CVE-2023-28572
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.
CVE-2023-28584
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).
CVE-2023-33113
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-21672
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.
CVE-2023-22386
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
CVE-2023-43514
Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.
CVE-2024-23380
Memory corruption while handling user packets during VBO bind operation.
CVE-2023-24854
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-23351
Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2024-23372
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.
CVE-2024-53027
Transient DOS may occur while processing the country IE.
CVE-2024-49833
Memory corruption can occur in the camera when an invalid CID is used.
CVE-2023-33065
Information disclosure in Audio while accessing AVCS services from ADSP payload.
CVE-2024-33042
Memory corruption when Alternative Frequency offset value is set to 255.
CVE-2024-38415
Memory corruption while handling session errors from firmware.
CVE-2024-45571
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2024-49834
Memory corruption while power-up or power-down sequence of the camera sensor.
CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously.
CVE-2024-49838
Information disclosure while parsing the OCI IE with invalid length.
CVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2022-33231
Memory corruption due to double free in core while initializing the encryption key.
CVE-2024-33048
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVE-2024-33052
Memory corruption when user provides data for FM HCI command control operations.
CVE-2024-53024
Memory corruption in display driver while detaching a device.
CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVE-2024-53014
Memory corruption may occur while validating ports and channels in Audio driver.
CVE-2024-21455
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-38399
Memory corruption while processing user packets to generate page faults.
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
CVE-2022-40514
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2023-33068
Memory corruption in Audio while processing IIR config data from AFE calibration block.
CVE-2024-21471
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
CVE-2024-33045
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-33049
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2022-40532
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2023-21631
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
CVE-2023-33090
Transient DOS while processing channel information for speaker protection v2 module in ADSP.
CVE-2024-33069
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.
CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-33028
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
CVE-2023-33069
Memory corruption in Audio while processing the calibration data returned from ACDB loader.