Sa8145p Firmware Security Vulnerabilities and Issues — Sa8145p Firmware CVE List

An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

9.4CVSS9AI score0.00239EPSS

CVE•added 2022/06/14 10:15 a.m.•142 views

CVE-2021-30342

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

9.1CVSS5.9AI score0.00357EPSS

CVE•added 2022/02/11 11:15 a.m.•139 views

CVE-2021-35074

Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.8AI score0.00094EPSS

CVE•added 2021/07/13 6:15 a.m.•137 views

CVE-2021-1965

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

10CVSS9.7AI score0.2745EPSS

CVE•added 2022/02/11 11:15 a.m.•126 views

CVE-2021-35075

Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.6AI score0.00094EPSS

CVE•added 2022/01/03 8:15 a.m.•125 views

CVE-2021-30351

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wear...

9.8CVSS9.4AI score0.00393EPSS

CVE•added 2021/07/13 6:15 a.m.•117 views

CVE-2021-1931

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.2CVSS6.9AI score0.00038EPSS

CVE•added 2023/01/09 8:15 a.m.•116 views

CVE-2022-22088

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

9.8CVSS9.2AI score0.00704EPSS

CVE•added 2022/04/01 5:15 a.m.•114 views

CVE-2021-35103

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netwo...

7.8CVSS7.7AI score0.00101EPSS

CVE•added 2022/04/01 5:15 a.m.•114 views

CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.7AI score0.00101EPSS

CVE•added 2022/02/11 11:15 a.m.•111 views

CVE-2021-30323

Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.9AI score0.00085EPSS

CVE•added 2022/04/01 5:15 a.m.•110 views

CVE-2021-35088

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

9.1CVSS9AI score0.0032EPSS

CVE•added 2022/10/19 11:15 a.m.•109 views

CVE-2022-25720

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

9.8CVSS9.4AI score0.00236EPSS

CVE•added 2022/04/01 5:15 a.m.•107 views

CVE-2021-35106

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00094EPSS

CVE•added 2022/06/14 10:15 a.m.•104 views

CVE-2021-30334

Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.7AI score0.00089EPSS

CVE•added 2022/02/11 11:15 a.m.•103 views

CVE-2021-35069

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.8AI score0.00119EPSS

CVE•added 2022/02/11 11:15 a.m.•103 views

CVE-2021-35077

Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00096EPSS

CVE•added 2023/06/06 8:15 a.m.•103 views

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use case.

7.8CVSS7.8AI score0.00054EPSS

CVE•added 2022/02/11 11:15 a.m.•102 views

CVE-2021-35068

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.2AI score0.00219EPSS

CVE•added 2023/02/12 4:15 a.m.•102 views

CVE-2022-33243

Memory corruption due to improper access control in Qualcomm IPC.

8.4CVSS8AI score0.00051EPSS

CVE•added 2022/11/15 10:15 a.m.•100 views

CVE-2022-25743

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8AI score0.00057EPSS

CVE•added 2022/02/11 11:15 a.m.•99 views

CVE-2021-30317

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

9.3CVSS7.7AI score0.00041EPSS

CVE•added 2022/06/14 10:15 a.m.•99 views

CVE-2021-35081

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Vo...

10CVSS9.6AI score0.00321EPSS

CVE•added 2023/06/06 8:15 a.m.•99 views

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2021/07/13 6:15 a.m.•98 views

CVE-2021-1954

Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.6AI score0.00394EPSS

CVE•added 2023/05/02 6:15 a.m.•98 views

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

8.4CVSS8AI score0.0006EPSS

CVE•added 2025/03/03 11:15 a.m.•98 views

CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

7.8CVSS7.4AI score0.00021EPSS

CVE•added 2021/10/20 7:15 a.m.•95 views

CVE-2021-30305

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.3AI score0.00043EPSS

CVE•added 2023/06/06 8:15 a.m.•95 views

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

7.8CVSS7.9AI score0.00053EPSS

CVE•added 2022/06/14 10:15 a.m.•94 views

CVE-2021-35130

Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.9AI score0.00043EPSS

CVE•added 2021/07/13 6:15 a.m.•93 views

CVE-2021-1945

Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.5AI score0.00305EPSS

CVE•added 2021/07/13 6:15 a.m.•93 views

CVE-2021-1955

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Sn...

7.5CVSS7.5AI score0.00305EPSS

CVE•added 2021/11/12 7:15 a.m.•93 views

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

7.8CVSS7.7AI score0.00041EPSS

CVE•added 2021/07/13 6:15 a.m.•92 views

CVE-2021-1907

Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.8AI score0.00329EPSS

CVE•added 2021/07/13 6:15 a.m.•92 views

CVE-2021-1943

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.6AI score0.00394EPSS

CVE•added 2023/09/05 7:15 a.m.•92 views

CVE-2023-21636

Memory Corruption due to improper validation of array index in Linux while updating adn record.

7.8CVSS6.9AI score0.00021EPSS

CVE•added 2023/04/13 7:15 a.m.•89 views

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS8.1AI score0.00044EPSS

CVE•added 2021/07/13 6:15 a.m.•87 views

CVE-2021-1964

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.6AI score0.00394EPSS

CVE•added 2022/02/11 11:15 a.m.•87 views

CVE-2021-30324

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdra...

6.7CVSS6.8AI score0.00047EPSS

CVE•added 2023/11/07 6:15 a.m.•87 views

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2024/02/06 6:16 a.m.•87 views

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

7.8CVSS7.7AI score0.00053EPSS

CVE•added 2024/04/01 3:15 p.m.•86 views

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

8.4CVSS8.6AI score0.00044EPSS

CVE•added 2023/02/12 4:15 a.m.•85 views

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS9.8AI score0.00144EPSS

CVE•added 2023/01/09 8:15 a.m.•84 views

CVE-2022-33255

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.