99 matches found
CVE-2022-33278
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
CVE-2022-40507
Memory corruption due to double free in Core while mapping HLOS address to the list.
CVE-2022-33250
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.
CVE-2022-33254
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-33244
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
CVE-2022-33264
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2022-33272
Transient DOS in modem due to reachable assertion.
CVE-2022-40536
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2022-25746
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
CVE-2022-40516
Memory corruption in Core due to stack-based buffer overflow.
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction.
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-22666
Memory Corruption in Audio while playing amrwbplus clips with modified content.
CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.
CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name.
CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
CVE-2022-25694
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2022-33224
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.
CVE-2022-33307
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
CVE-2023-21662
Memory corruption in Core Platform while printing the response buffer in log.
CVE-2022-33263
Memory corruption due to use after free in Core when multiple DCI clients register and deregister.
CVE-2023-21664
Memory Corruption in Core Platform while printing the response buffer in log.
CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
CVE-2022-40522
Memory corruption in Linux Networking due to double free while handling a hyp-assign.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2022-22060
Assertion occurs while processing Reconfiguration message due to improper validation
CVE-2022-33251
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
CVE-2023-21646
Transient DOS in Modem while processing invalid System Information Block 1.
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
CVE-2022-40533
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
CVE-2023-33042
Transient DOS in Modem after RRC Setup message is received.
CVE-2022-33226
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
CVE-2022-33230
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host
CVE-2022-40518
Information disclosure due to buffer overread in Core
CVE-2022-40520
Memory corruption due to stack-based buffer overflow in Core
CVE-2022-33267
Memory corruption in Linux while sending DRM request.
CVE-2023-33024
Memory corruption while sending SMS from AP firmware.
CVE-2023-21644
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space.
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow