sdx65_firmware

Published Feb 12, 2023

Page 1 of 10

CVE-2021-35104

qualcomm / apq8009w_firmware+175

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CVE-2021-35081

qualcomm / aqt1000_firmware+72

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-1975

qualcomm / apq8009_firmware+179

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published Nov 12, 2021

CVE-2021-30351

qualcomm / apq8009_firmware+195

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2021-30341

qualcomm / apq8009w_firmware+119

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

CVE-2022-25720

qualcomm / apq8009_firmware+184

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published Oct 19, 2022

CVE-2022-25748

qualcomm / apq8009_firmware+272

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Oct 19, 2022

CVE-2022-40510

qualcomm / apq8009_firmware+203

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Published Aug 8, 2023

CVE-2022-33256

qualcomm / ar8035_firmware+64

Memory corruption due to improper validation of array index in Multi-mode call processor.

Published Mar 10, 2023

CVE-2022-33232

qualcomm / aqt1000_firmware+110

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Published Feb 12, 2023

CVE-2021-35122

qualcomm / aqt1000_firmware+100

Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published Sep 2, 2022

CVE-2022-33257

qualcomm / aqt1000_firmware+139

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Published Mar 10, 2023

CVE-2023-21651

qualcomm / aqt1000_firmware+139

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

qualcomm / ar8035_firmware+63

Published Aug 8, 2023

CVE-2021-30347

CRITICAL9.1

Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

qualcomm / ar8035_firmware+63

CVE-2021-30343

CRITICAL9.1

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

qualcomm / ar8035_firmware+54

CVE-2021-30339

CRITICAL9.0

Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / ar8035_firmware+48

CVE-2021-35075

HIGH8.4

Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

qualcomm / ar8035_firmware+9

Published Feb 11, 2022

CVE-2021-35095

HIGH8.4

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile

qualcomm / ar8035_firmware+22

CVE-2022-22089

HIGH8.4

Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables