CVE-2022-25716

Memory corruption in Multimedia Framework due to unsafe access to the data members

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

CVE-2024-23383

Memory corruption when kernel driver attempts to trigger hardware fences.

CVE-2024-45546

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

CVE-2024-45554

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

CVE-2024-45573

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

CVE-2020-11243

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

CVE-2020-11255

Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrag...

CVE-2020-11289

Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdrag...

CVE-2020-11291

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,...

CVE-2021-1894

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2021-1910

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-1929

Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2021-30275

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networ...

CVE-2021-30308

Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-33300

Memory corruption in Automotive Android OS due to improper input validation.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

CVE-2024-21461

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

CVE-2024-21476

Memory corruption when the channel ID passed by user is not validated and further used.

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

CVE-2024-33051

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

CVE-2024-38410

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.

CVE-2024-45561

Memory corruption while handling IOCTL call from user-space to set latency level.

CVE-2024-45570

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

CVE-2024-53034

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

CVE-2020-11252

Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infras...

CVE-2020-11263

An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVE-2020-11288

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-1903

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

CVE-2021-1916

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-30256

Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdrago...

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, ...

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired ...

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

CVE-2023-43527

Information disclosure while parsing dts header atom in Video.

CVE-2024-33013

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

CVE-2024-33055

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

CVE-2024-38426

While processing the authentication message in UE, improper authentication may lead to information disclosure.

CVE-2024-43060

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVE-2024-43062

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

CVE-2024-45566

Memory corruption during concurrent buffer access due to modification of the reference count.

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2024-53011

Information disclosure may occur due to improper permission and access controls to Video Analytics engine.