Qualcomm Security Vulnerabilities

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected...

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID...

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance...

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask...

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR...

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from...

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from...

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected...

CVE-2023-28556

Cryptographic issue in HLOS during key...

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...

CVE-2022-40521

Transient DOS due to improper authorization in...

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered...

CVE-2022-33251

Transient DOS due to reachable assertion in Modem because of invalid network...

CVE-2023-33065

Information disclosure in Audio while accessing AVCS services from ADSP...

CVE-2023-33114

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same...

CVE-2023-33092

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected...

CVE-2022-33220

Information disclosure in Automotive multimedia due to buffer...

CVE-2022-33263

Memory corruption due to use after free in Core when multiple DCI clients register and...

CVE-2022-33298

Memory corruption due to use after free in Modem while modem...

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping...

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music...

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app...

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status...

CVE-2023-33087

Memory corruption in Core while processing RX intent...

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo...

CVE-2023-43523

Transient DOS while processing 11AZ RTT management action frame received through...

CVE-2023-33046

Memory corruption in Trusted Execution Environment while deinitializing an object used for license...

CVE-2023-28584

Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement...

CVE-2023-33074

Memory corruption in Audio when SSR event is triggered after music playback is...

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon...

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one...

CVE-2023-21627

Memory corruption in Trusted Execution Environment while calling service API with invalid...

CVE-2023-33094

Memory corruption while running VK synchronization with KASAN...

CVE-2023-21648

Memory corruption in RIL while trying to send apdu...

CVE-2022-25735

Denial of service in modem due to missing null check while processing TCP or UDP packets from...

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring...

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command...

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security...

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data...

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics...

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update...

CVE-2023-33082

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO...

CVE-2023-21633

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage...

CVE-2023-28583

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6...

CVE-2023-43514

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem...

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI...

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF...