CVE-2021-1918

Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-1932

Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastru...

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

CVE-2021-1919

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-1966

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-38403

Transient DOS while parsing BTM ML IE when per STA profile is not included.

CVE-2024-38409

Memory corruption while station LL statistic handling.

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.

CVE-2023-43555

Information disclosure in Video while parsing mp2 clip with invalid section length.

CVE-2024-33022

Memory corruption while allocating memory in HGSL driver.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-23352

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2024-21479

Transient DOS during music playback of ALAC content.

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21466

Memory corruption while processing a private escape command in an event trigger.

CVE-2025-27046

Memory corruption while processing multiple simultaneous escape calls.

CVE-2025-27055

Memory corruption during the image encoding process.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-27047

Memory corruption while processing the TESTPATTERNCONFIG escape path.

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.