CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

CVE-2023-33068

Memory corruption in Audio while processing IIR config data from AFE calibration block.

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

CVE-2023-33090

Transient DOS while processing channel information for speaker protection v2 module in ADSP.

CVE-2024-33057

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

CVE-2024-38421

Memory corruption while processing GPU commands.

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVE-2024-33043

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

CVE-2024-33069

Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.

CVE-2023-33067

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

CVE-2023-33069

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2021-1950

Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

CVE-2024-21458

Information disclosure while handling SA query action frame.

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVE-2024-21478

transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVE-2021-35115

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

CVE-2022-25713

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CVE-2024-23384

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker.

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

CVE-2024-23366

Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.

CVE-2024-23383

Memory corruption when kernel driver attempts to trigger hardware fences.

CVE-2024-33013

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

CVE-2022-33216

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

CVE-2024-33026

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

CVE-2023-33072

Memory corruption in Core while processing control functions.

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

CVE-2023-28556

Cryptographic issue in HLOS during key management.

CVE-2024-33034

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

CVE-2024-43063

information disclosure while invoking the mailbox read API.

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

CVE-2023-33037

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

CVE-2024-23382

Memory corruption while processing graphics kernel driver request to create DMA fence.

CVE-2023-43521

Memory corruption when multiple listeners are being registered with the same file descriptor.