qsm8250_firmware

qualcomm / apq8009_firmware+203

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Published Aug 8, 2023

Page 1 of 11

CVE-2022-25748

qualcomm / apq8009_firmware+272

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Oct 19, 2022

CVE-2021-35104

qualcomm / apq8009w_firmware+175

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jun 14, 2022

CVE-2022-40514

qualcomm / aqt1000_firmware+228

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Published Feb 12, 2023

CVE-2020-11170

qualcomm / apq8009_firmware+506

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Feb 22, 2021

CVE-2021-30351

qualcomm / apq8009_firmware+195

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2020-11182

qualcomm / aqt1000_firmware+267

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Published Jun 9, 2021

CVE-2022-33231

qualcomm / 8998_firmware+218

Memory corruption due to double free in core while initializing the encryption key.

Published Apr 13, 2023

CVE-2022-33232

qualcomm / aqt1000_firmware+110

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Published Feb 12, 2023

CVE-2023-33072

qualcomm / 315_5g_iot_modem_firmware+247

Memory corruption in Core while processing control functions.

Published Feb 6, 2024

CVE-2022-33257

qualcomm / aqt1000_firmware+139

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Published Mar 10, 2023

CVE-2023-28578

qualcomm / 315_5g_iot_modem_firmware+339

Memory corruption in Core Services while executing the command for removing a single event listener.

Published Mar 4, 2024

CVE-2021-30276

qualcomm / ar8035_firmware+57

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2023-21651

qualcomm / aqt1000_firmware+139

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Published Aug 8, 2023

CVE-2021-1942

qualcomm / aqt1000_firmware+110

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Apr 1, 2022

CVE-2023-33030

qualcomm / 315_5g_iot_modem_firmware+300

Memory corruption in HLOS while running playready use-case.

Published Jan 2, 2024

CVE-2021-30285

qualcomm / ar8031_firmware+101

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 13, 2022

CVE-2022-33288

qualcomm / 315_5g_iot_modem_firmware+127

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

Published Apr 13, 2023

CVE-2021-30275

qualcomm / ar8031_firmware+126

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+268

Published Jan 3, 2022

CVE-2020-11301

CRITICAL9.1

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking