Sm7325p Firmware@- Security Vulnerabilities and Issues — Page 7 of Sm7325p Firmware@- CVE List

Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.9AI score0.00105EPSS

CVE•added 2022/09/16 6:15 a.m.•54 views

CVE-2022-22094

memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.1AI score0.00072EPSS

CVE•added 2022/12/13 4:15 p.m.•54 views

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...

7.5CVSS7.6AI score0.00145EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

7.5CVSS5.9AI score0.00112EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-40518

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-40520

Memory corruption due to stack-based buffer overflow in Core

8.4CVSS8.3AI score0.04308EPSS

CVE•added 2023/07/04 5:15 a.m.•54 views

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music playback.

8.4CVSS8.1AI score0.00051EPSS

CVE•added 2023/09/05 7:15 a.m.•54 views

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

7.8CVSS8AI score0.00033EPSS

CVE•added 2023/09/05 7:15 a.m.•54 views

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

7.5CVSS7.5AI score0.00071EPSS

CVE•added 2022/09/02 12:15 p.m.•53 views

CVE-2021-35132

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.8AI score0.00083EPSS

CVE•added 2022/09/02 12:15 p.m.•53 views

CVE-2021-35134

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS8.5AI score0.00066EPSS

CVE•added 2022/09/16 6:15 a.m.•53 views

CVE-2022-25653

Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.8CVSS5.7AI score0.00046EPSS

CVE•added 2022/09/16 6:15 a.m.•53 views

CVE-2022-25669

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.6AI score0.00276EPSS

CVE•added 2022/09/16 6:15 a.m.•53 views

CVE-2022-25686

Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

9.8CVSS9.7AI score0.00135EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

8.2CVSS6AI score0.00063EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•53 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2023/12/05 3:15 a.m.•52 views

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•52 views

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS8AI score0.00024EPSS

CVE•added 2023/12/05 3:15 a.m.•52 views

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

7.5CVSS7.7AI score0.00222EPSS

CVE•added 2024/01/02 6:15 a.m.•52 views

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

7.5CVSS7.5AI score0.00229EPSS

CVE•added 2022/10/19 11:15 a.m.•51 views

CVE-2022-25662

Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.3AI score0.00274EPSS

CVE•added 2022/11/15 10:15 a.m.•51 views

CVE-2022-25679

Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.6AI score0.00054EPSS

CVE•added 2022/12/13 4:15 p.m.•51 views

CVE-2022-25685

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.00139EPSS

CVE•added 2023/12/05 3:15 a.m.•51 views

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8CVSS8AI score0.0006EPSS

CVE•added 2022/01/03 8:15 a.m.•50 views

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Network...

8.4CVSS7.8AI score0.00033EPSS

CVE•added 2022/10/19 11:15 a.m.•50 views

CVE-2022-25661

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00085EPSS

CVE•added 2022/09/16 6:15 a.m.•50 views

CVE-2022-25688

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.0019EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2021/06/09 7:15 a.m.•49 views

CVE-2021-1937

Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobi...

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/01/03 8:15 a.m.•49 views

CVE-2021-30279

Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.7AI score0.00028EPSS

CVE•added 2022/01/13 12:15 p.m.•49 views

CVE-2021-30307

Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

7.5CVSS7.5AI score0.00359EPSS

CVE•added 2022/09/02 12:15 p.m.•49 views

CVE-2021-35097

Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

7.3CVSS6.9AI score0.00007EPSS

CVE•added 2022/12/13 4:15 p.m.•49 views

CVE-2022-25675

Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

5.5CVSS5.6AI score0.0008EPSS

CVE•added 2022/09/16 6:15 a.m.•49 views

CVE-2022-25696

Memory corruption in display due to time-of-check time-of-use race condition during map or unmap in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.1AI score0.00055EPSS

CVE•added 2023/01/09 8:15 a.m.•49 views

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2023/12/05 3:15 a.m.•49 views

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2024/01/02 6:15 a.m.•48 views

CVE-2023-33038

Memory corruption while receiving a message in Bus Socket Transport Server.

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2024/09/02 12:15 p.m.•48 views

CVE-2024-33051

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

7.5CVSS7.6AI score0.00174EPSS

CVE•added 2024/12/02 11:15 a.m.•48 views

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

8.4CVSS8.6AI score0.00033EPSS

CVE•added 2021/06/09 7:15 a.m.•47 views

CVE-2020-11306

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2022/01/03 8:15 a.m.•47 views

CVE-2021-1894

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.7AI score0.00034EPSS

CVE•added 2022/01/03 8:15 a.m.•47 views

CVE-2021-30336

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.6AI score0.00033EPSS

CVE•added 2022/09/16 6:15 a.m.•47 views

CVE-2022-22066

Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.9AI score0.00093EPSS

CVE•added 2022/10/19 11:15 a.m.•47 views

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.5CVSS7.5AI score0.00165EPSS

Total number of security vulnerabilities389