CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

CVE-2023-33086

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

CVE-2023-33095

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

CVE-2023-33103

Transient DOS while processing CAG info IE received from NW.

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-33077

Memory corruption in HLOS while converting from authorization token to HIDL vector.

CVE-2023-33083

Memory corruption in WLAN Host while processing RRM beacon on the AP.

CVE-2023-33084

Transient DOS while processing IE fragments from server during DTLS handshake.

CVE-2024-21458

Information disclosure while handling SA query action frame.

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

CVE-2023-33096

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

CVE-2023-33104

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

CVE-2023-33024

Memory corruption while sending SMS from AP firmware.

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVE-2024-49845

Memory corruption during the FRS UDS generation process.

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

CVE-2021-35129

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

CVE-2024-38397

Transient DOS while parsing probe response and assoc response frame.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer.

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

CVE-2024-49846

Memory corruption while decoding of OTA messages from T3448 IE.

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.