Qualcomm Security Vulnerabilities

CVE-2023-28574

Memory corruption in core services when Diag handler receives a command to configure event...

CVE-2023-24847

Transient DOS in Modem while allocating DSM...

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or...

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...

CVE-2023-33106

Memory corruption while submitting a large list of sync points in an AUX command to the...

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn...

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3...

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to...

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm...

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management...

CVE-2022-33230

Memory corruption in FM Host due to buffer copy without checking the size of input in FM...

CVE-2022-33279

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame...

CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed...

CVE-2022-25728

Information disclosure in modem due to buffer over-read while processing response from DNS...

CVE-2022-25739

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM...

CVE-2022-25740

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the...

CVE-2022-25745

Memory corruption in modem due to improper input validation while handling the incoming CoAP...

CVE-2022-33211

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2023-43512

Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services...

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection...

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...

CVE-2022-25732

Information disclosure in modem due to buffer over read in dns client due to missing length...

CVE-2022-40502

Transient DOS due to improper input validation in WLAN...

CVE-2023-24843

Transient DOS in Modem while triggering a camping on an 5G...

CVE-2023-21635

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on...

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE...

CVE-2022-33304

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP...

CVE-2022-34146

Transient DOS due to improper input validation in WLAN Host while parsing frame during...

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response...

CVE-2022-40536

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from...

CVE-2023-21646

Transient DOS in Modem while processing invalid System Information Block...

CVE-2022-40533

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI...

CVE-2023-21661

Transient DOS while parsing WLAN beacon or probe-response...

CVE-2022-40535

Transient DOS due to buffer over-read in WLAN while sending a packet to...

CVE-2022-33246

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session...

CVE-2022-25730

Information disclosure in modem due to improper check of IP type while processing DNS server...

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB...

CVE-2022-40538

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into...

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec...

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...

CVE-2023-21653

Transient DOS in Modem while processing RRC reconfiguration...

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information...

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame...

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1...

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by...

CVE-2023-33078

Information Disclosure while processing IOCTL request in...

CVE-2023-33090

Transient DOS while processing channel information for speaker protection v2 module in...

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM)...