Snapdragon X72 5g Modem-rf Firmware Security Vulnerabilities and Issues — Snapdragon X72 5g Modem-rf Firmware CVE List

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2025/05/06 9:15 a.m.•60 views

CVE-2024-49835

Memory corruption while reading secure file.

7.8CVSS7.8AI score0.00017EPSS

CVE•added 2025/05/06 9:15 a.m.•52 views

CVE-2024-49845

Memory corruption during the FRS UDS generation process.

7.8CVSS7.9AI score0.00026EPSS

CVE•added 2025/05/06 9:15 a.m.•52 views

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

7.5CVSS7.5AI score0.00055EPSS

CVE•added 2024/05/06 3:15 p.m.•50 views

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

7.8CVSS7AI score0.0003EPSS

CVE•added 2024/05/06 3:15 p.m.•49 views

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

7.8CVSS7.1AI score0.0003EPSS

CVE•added 2024/05/06 3:15 p.m.•48 views

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer.

9.8CVSS7.1AI score0.00098EPSS

CVE•added 2025/05/06 9:15 a.m.•48 views

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

7.8CVSS8AI score0.00026EPSS

CVE•added 2024/05/06 3:15 p.m.•45 views

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

8.4CVSS7AI score0.00035EPSS

CVE•added 2025/05/06 9:15 a.m.•45 views

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

7.8CVSS7.8AI score0.00016EPSS

CVE•added 2025/05/06 9:15 a.m.•44 views

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

7.8CVSS7.9AI score0.00017EPSS

CVE•added 2024/05/06 3:15 p.m.•43 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2023-43531

Memory corruption while verifying the serialized header when the key pairs are generated.

8.4CVSS7.1AI score0.00045EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38417

Information disclosure while processing IO control commands.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

8.8CVSS8.9AI score0.00036EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2024/05/06 3:15 p.m.•41 views

CVE-2023-43526

Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

7.8CVSS6.9AI score0.0003EPSS

CVE•added 2024/05/06 3:15 p.m.•41 views

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5CVSS6.8AI score0.00294EPSS

CVE•added 2024/05/06 3:15 p.m.•40 views

CVE-2023-43530

Memory corruption in HLOS while checking for the storage type.

7.8CVSS7.1AI score0.00042EPSS

CVE•added 2024/05/06 3:15 p.m.•36 views

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

7.5CVSS6.9AI score0.00153EPSS

CVE•added 2025/07/08 1:15 p.m.•9 views

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

7.8CVSS6.6AI score0.0001EPSS

CVE•added 2025/07/08 1:15 p.m.•9 views

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

9.1CVSS6.6AI score0.00031EPSS

CVE•added 2025/07/08 1:15 p.m.•8 views

CVE-2025-21454

Transient DOS while processing received beacon frame.

7.5CVSS6.6AI score0.00048EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

7.8CVSS6.8AI score0.00012EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

6.2CVSS6.6AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

7.5CVSS6.4AI score0.00063EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-21449

Transient DOS may occur while processing malformed length field in SSID IEs.

7.5CVSS6.6AI score0.00048EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

7.5CVSS6.6AI score0.00048EPSS