fsm10056_firmware

Published Mar 17, 2021

Page 1 of 7

CVE-2021-1972

qualcomm / apq8009_firmware+276

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 8, 2021

CVE-2021-30351

qualcomm / apq8009_firmware+195

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2021-1975

qualcomm / apq8009_firmware+179

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published Nov 12, 2021

CVE-2021-1976

qualcomm / apq8009_firmware+246

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 17, 2021

CVE-2021-35104

qualcomm / apq8009w_firmware+175

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jun 14, 2022

CVE-2021-30285

qualcomm / ar8031_firmware+101

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 13, 2022

CVE-2022-33231

qualcomm / 8998_firmware+218

Memory corruption due to double free in core while initializing the encryption key.

Published Apr 13, 2023

CVE-2021-1942

qualcomm / aqt1000_firmware+110

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Apr 1, 2022

CVE-2023-28578

qualcomm / 315_5g_iot_modem_firmware+339

Memory corruption in Core Services while executing the command for removing a single event listener.

Published Mar 4, 2024

CVE-2021-30275

qualcomm / ar8031_firmware+126

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2023-33032

qualcomm / 9205_lte_modem_firmware+119

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

Published Jan 2, 2024

CVE-2023-33030

qualcomm / 315_5g_iot_modem_firmware+300

Memory corruption in HLOS while running playready use-case.

qualcomm / apq8009w_firmware+94

Published Jan 2, 2024

CVE-2021-30342

CRITICAL9.1

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+316

Published Jun 14, 2022

CVE-2021-1924

CRITICAL9.0

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Nov 12, 2021

CVE-2024-33045

qualcomm / ar8035_firmware+179

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

Published Sep 2, 2024

CVE-2021-1890

qualcomm / apq8017_firmware+157

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published Jul 13, 2021

CVE-2023-24853

qualcomm / ar8035_firmware+112

Memory Corruption in HLOS while registering for key provisioning notify.

Published Oct 3, 2023

CVE-2021-30262

qualcomm / apq8009w_firmware+104

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Jan 3, 2022

CVE-2022-40520

qualcomm / apq8064au_firmware+147

Memory corruption due to stack-based buffer overflow in Core