137 matches found
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction.
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-22666
Memory Corruption in Audio while playing amrwbplus clips with modified content.
CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name.
CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
CVE-2022-25694
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2023-28576
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to ou...
CVE-2022-33260
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2022-33266
Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-21647
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-28587
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
CVE-2023-33088
Memory corruption when processing cmd parameters while parsing vdev.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
CVE-2022-40518
Information disclosure due to buffer overread in Core
CVE-2022-40520
Memory corruption due to stack-based buffer overflow in Core
CVE-2023-22667
Memory Corruption in Audio while allocating the ion buffer during the music playback.
CVE-2022-33267
Memory corruption in Linux while sending DRM request.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2023-21633
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space.
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow