8 matches found
CVE-2024-21468
CVE-2024-21468 corresponds to a memory corruption issue that occurs when a GPU unmap operation fails, described across multiple sources as a memory corruption/Use-After-Free condition in Qualcomm kernel components. Affected: Qualcomm chipset GPUs and related kernel code paths. Root cause: failed ...
CVE-2025-21453
CVE-2025-21453 describes memory corruption in Qualcomm components due to a use-after-free style issue when an iterator is accessed after removal, with the GPS HLOS driver specifically listed in CVE records. Public records (NVD/NCSC/Red Hat CVEs) corroborate the memory-corruption description and t...
CVE-2024-33052
CVE-2024-33052 describes a memory corruption in the FM Host/HCI control path when data is provided for FM HCI commands. The vulnerability is tied to Qualcomm chipsets and is classified as local with low privileges and no user interaction, and the impact is rated high (confidentiality, integrity, ...
CVE-2023-33023
CVE-2023-33023 corresponds to a memory corruption issue in Qualcomm closed‑source components related to the finish_sign command when passing an rsp buffer. The vulnerability is described as a local issue with high impact (C/H/I/A), requiring no user interaction and no privileges, per CVSS data. C...
CVE-2023-33066
CVE-2023-33066 describes a memory corruption in the Audio component of Qualcomm’s closed‑source stack, triggered while processing the RT proxy port register driver. The issue is linked to an out-of-range pointer offset in Audio (per VulnEnrichment), with Qualcomm’s March 2024 product-security bul...
CVE-2023-28547
CVE-2023-28547 is a memory corruption issue in the SPS Application when requesting a public key in the sorter Trust Agent (TA), affecting Qualcomm components (including closed-source parts). Root cause described as memory corruption in SPS Application; exposed impact on confidentiality, integrity...
CVE-2023-43551
The CVE-2023-43551 entry is confirmed in connected sources as a cryptographic/authentication issue occurring during LTE attach, where a rogue base station can skip the authentication phase and immediately issue the Security Mode Command. The vulnerability is attributed to Qualcomm closed‑source c...
CVE-2025-21433
CVE-2025-21433 affects Qualcomm closed‑source components. The issue is a transient denial-of-service that occurs when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. Root cause is a zero-sized modulus handling in the affected component(s); impact is Denial of Service (availa...