CVE-2021-1982

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-30295

Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2021-30316

Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2022-22078

Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2023-43530

Memory corruption in HLOS while checking for the storage type.

CVE-2023-43538

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

CVE-2024-21462

Transient DOS while loading the TA ELF file.

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

CVE-2020-11303

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice...

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2020-11176

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

CVE-2021-1979

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30310

Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-30314

Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2024-38419

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CVE-2020-11246

A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

CVE-2020-11294

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2020-11295

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2020-11298

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

CVE-2021-1930

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2021-1932

Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastru...

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user space.

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2024-21479

Transient DOS during music playback of ALAC content.

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.