sm6375_firmware

Page 1 of 7

CVE-2021-1975

qualcomm / apq8009_firmware+179

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published Nov 12, 2021

CVE-2021-30351

qualcomm / apq8009_firmware+195

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2021-30341

qualcomm / apq8009w_firmware+119

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

CVE-2021-35081

qualcomm / aqt1000_firmware+72

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2021-30317

qualcomm / aqt1000_firmware+113

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Feb 11, 2022

CVE-2021-1942

qualcomm / aqt1000_firmware+110

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Apr 1, 2022

CVE-2021-30276

qualcomm / ar8035_firmware+57

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2021-30285

qualcomm / ar8031_firmware+101

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 13, 2022

CVE-2021-30275

qualcomm / ar8031_firmware+126

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2022-33231

qualcomm / 8998_firmware+218

Memory corruption due to double free in core while initializing the encryption key.

Published Apr 13, 2023

CVE-2021-30347

qualcomm / ar8035_firmware+63

Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-30343

qualcomm / ar8035_firmware+63

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2023-28540

qualcomm / 315_5g_iot_modem_firmware+151

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Published Oct 3, 2023

CVE-2023-33054

qualcomm / 315_5g_iot_modem_firmware+167

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

qualcomm / ar8035_firmware+54

Published Dec 5, 2023

CVE-2021-30339

CRITICAL9.0

Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+316

CVE-2021-1924

CRITICAL9.0

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / aqt1000_firmware+31

Published Nov 12, 2021

CVE-2021-35123

HIGH8.8

Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT

Adjacent

qualcomm / 315_5g_iot_modem_firmware+352

CVE-2022-40532

HIGH8.4

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

qualcomm / ar8035_firmware+48

Published Apr 13, 2023

CVE-2021-35075

HIGH8.4

Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile