mdm9615m_firmware

Published Sep 8, 2021

Page 1 of 2

CVE-2021-1972

qualcomm / apq8009_firmware+276

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 8, 2021

CVE-2021-1916

qualcomm / apq8009_firmware+182

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published Sep 8, 2021

CVE-2020-11170

qualcomm / apq8009_firmware+506

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Feb 22, 2021

CVE-2022-25720

qualcomm / apq8009_firmware+184

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Oct 19, 2022

CVE-2021-1975

qualcomm / apq8009_firmware+179

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+408

Published Nov 12, 2021

CVE-2020-11166

CRITICAL9.1

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+408

Published Mar 17, 2021

CVE-2020-11177

HIGH8.8

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Feb 22, 2021

CVE-2021-35115

qualcomm / apq8096au_firmware+27

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Published Apr 1, 2022

CVE-2023-33066

qualcomm / 315_5g_iot_modem_firmware+312

Memory corruption in Audio while processing RT proxy port register driver.

Published Mar 4, 2024

CVE-2021-30261

qualcomm / apq8009_firmware+181

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Sep 17, 2021

CVE-2022-25694

qualcomm / apq8009w_firmware+207

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Published Mar 10, 2023

CVE-2022-25682

qualcomm / apq8009_firmware+203

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / 315_5g_iot_modem_firmware+243

Published Dec 13, 2022

CVE-2023-24848

HIGH8.2

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

qualcomm / 315_5g_iot_modem_firmware+237

Published Oct 3, 2023

CVE-2023-24849

HIGH8.2

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

qualcomm / 315_5g_iot_modem_firmware+241

Published Oct 3, 2023

CVE-2022-33264

HIGH7.9

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Published Jun 6, 2023

CVE-2023-33018

qualcomm / 315_5g_iot_modem_firmware+262

Memory corruption while using the UIM diag command to get the operators name.

Published Dec 5, 2023

CVE-2021-30268

qualcomm / apq8009w_firmware+136

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Jan 3, 2022

CVE-2021-1973

qualcomm / apq8009_firmware+196

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Nov 12, 2021

CVE-2020-11292

qualcomm / apq8009_firmware+176

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables