CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to DSP.

CVE-2024-43047

Memory corruption while maintaining memory maps of HLOS memory.

CVE-2021-35103

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netwo...

CVE-2021-35106

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use case.

CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot allocation.

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

CVE-2025-21467

Memory corruption while reading the FW response from the shared queue.

CVE-2024-38402

Memory corruption while processing IOCTL call for getting group info.

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

CVE-2023-33079

Memory corruption in Audio while running invalid audio recording from ADSP.

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

CVE-2023-33034

Memory corruption while parsing the ADSP response command.

CVE-2023-33117

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

CVE-2023-33087

Memory corruption in Core while processing RX intent request.

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

CVE-2023-28584

Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

CVE-2024-53027

Transient DOS may occur while processing the country IE.

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

CVE-2022-25741

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

CVE-2024-38415

Memory corruption while handling session errors from firmware.

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec decoding.

CVE-2022-25713

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

CVE-2022-34146

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

CVE-2023-28556

Cryptographic issue in HLOS during key management.

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.