Qualcomm Security Vulnerabilities

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA...

CVE-2022-40524

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP...

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI...

CVE-2022-40513

Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos...

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor...

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command...

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK...

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP...

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input...

CVE-2023-33024

Memory corruption while sending SMS from AP...

CVE-2022-22075

Information Disclosure in Graphics during GPU context...

CVE-2022-33226

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client...

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status...

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR...

CVE-2023-33060

Transient DOS in Core when DDR memory check is called while DDR is not...

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next...

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1...

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI...

CVE-2023-22382

Weak configuration in Automotive while VM is processing a listener request from...

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or...

CVE-2022-33292

Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting...

CVE-2022-33281

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK...

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory...

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim...

CVE-2023-21639

Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL...

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS...

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot...

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon...

CVE-2023-33085

Memory corruption in wearables while processing data from...

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in...

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators...

CVE-2022-33280

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...

CVE-2023-33072

Memory corruption in Core while processing control...

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use...

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem...

CVE-2023-33079

Memory corruption in Audio while running invalid audio recording from...

CVE-2023-33040

Transient DOS in Data Modem during DTLS...

CVE-2023-33038

Memory corruption while receiving a message in Bus Socket Transport...

CVE-2022-40540

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux...

CVE-2022-33309

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP...

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer...

CVE-2022-33243

Memory corruption due to improper access control in Qualcomm...

CVE-2023-33116

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN...

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM...

CVE-2023-28562

Memory corruption while handling payloads from remote...

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode...

CVE-2023-28575

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx...