CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2021-1927

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired In...

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

CVE-2024-33048

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

CVE-2024-43052

Memory corruption while processing API calls to NPU with invalid input.

CVE-2024-45582

Memory corruption while validating number of devices in Camera kernel .

CVE-2020-11299

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-1891

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon W...

CVE-2022-22083

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

CVE-2023-28575

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

CVE-2024-49836

Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2020-11230

Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-1950

Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

CVE-2024-38399

Memory corruption while processing user packets to generate page faults.

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

CVE-2024-49832

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

CVE-2025-21485

Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.

CVE-2020-11198

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2020-11267

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

CVE-2021-30306

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30319

Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

CVE-2022-22084

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2022-33256

Memory corruption due to improper validation of array index in Multi-mode call processor.

CVE-2022-40510

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

CVE-2021-1939

Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

CVE-2021-1942

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastru...

CVE-2021-30294

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

CVE-2021-30339

Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CVE-2021-30345

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CVE-2023-21671

Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

CVE-2023-33068

Memory corruption in Audio while processing IIR config data from AFE calibration block.

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

CVE-2024-33057

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVE-2020-11170

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2020-11270

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

CVE-2021-1886

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables