CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

CVE-2023-43537

Information disclosure while handling T2LM Action Frame in WLAN Host.

CVE-2025-27029

Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE-2024-21462

Transient DOS while loading the TA ELF file.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2024-43057

Memory corruption while processing command in Glink linux.

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & ...

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

CVE-2021-30282

Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networkin...

CVE-2024-23385

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

CVE-2021-30302

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrast...

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-45556

Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-23352

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-27073

Transient DOS while creating NDP instance.

CVE-2025-21477

Transient DOS while processing CCCH data when NW sends data with invalid length.

CVE-2025-27065

Transient DOS while processing a frame with malformed shared-key descriptor.