157 matches found
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image.
CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2022-25694
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2022-33224
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.
CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name.
CVE-2022-33260
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.
CVE-2022-33263
Memory corruption due to use after free in Core when multiple DCI clients register and deregister.
CVE-2023-22668
Memory Corruption in Audio while invoking IOCTLs calls from the user-space.
CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
CVE-2023-21637
Memory corruption in Linux while calling system configuration APIs.
CVE-2023-21663
Memory Corruption while accessing metadata in Display.
CVE-2023-28539
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
CVE-2023-28545
Memory corruption in TZ Secure OS while loading an app ELF.
CVE-2023-28576
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to ou...
CVE-2022-33266
Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-21647
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
CVE-2023-21655
Memory corruption in Audio while validating and mapping metadata.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module.
CVE-2023-21648
Memory corruption in RIL while trying to send apdu packet.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-28579
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.
CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
CVE-2022-40524
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
CVE-2023-21627
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
CVE-2023-21634
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
CVE-2023-22383
Memory Corruption in camera while installing a fd for a particular DMA buffer.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2023-28580
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
CVE-2023-33088
Memory corruption when processing cmd parameters while parsing vdev.
CVE-2022-33230
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host
CVE-2023-33024
Memory corruption while sending SMS from AP firmware.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2023-21654
Memory corruption in Audio during playback session with audio effects enabled.
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2023-21633
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
CVE-2023-21644
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2022-40519
Information disclosure due to buffer overread in Core