Total
718 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-23372 | 1 Qualcomm | 222 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 219 more | 2024-07-02 | N/A | 7.8 HIGH |
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. | |||||
CVE-2024-23373 | 1 Qualcomm | 444 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 441 more | 2024-07-02 | N/A | 7.8 HIGH |
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. | |||||
CVE-2024-23380 | 1 Qualcomm | 212 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 209 more | 2024-07-02 | N/A | 7.8 HIGH |
Memory corruption while handling user packets during VBO bind operation. | |||||
CVE-2023-33063 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 559 more | 2024-06-17 | N/A | 7.8 HIGH |
Memory corruption in DSP Services during a remote call from HLOS to DSP. | |||||
CVE-2023-33106 | 1 Qualcomm | 306 Ar8035, Ar8035 Firmware, Csra6620 and 303 more | 2024-06-17 | N/A | 7.8 HIGH |
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | |||||
CVE-2023-33107 | 1 Qualcomm | 484 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 481 more | 2024-06-17 | N/A | 7.8 HIGH |
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | |||||
CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Audio while processing the VOC packet data from ADSP. | |||||
CVE-2023-33055 | 1 Qualcomm | 304 Apq5053-aa, Apq5053-aa Firmware, Aqt1000 and 301 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory Corruption in Audio while invoking callback function in driver from ADSP. | |||||
CVE-2023-33047 | 1 Qualcomm | 356 Ar8035, Ar8035 Firmware, Ar9380 and 353 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while parsing no-inherit IES. | |||||
CVE-2023-33035 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption while invoking callback function of AFE from ADSP. | |||||
CVE-2023-33034 | 1 Qualcomm | 128 Apq5053-aa, Apq5053-aa Firmware, Csra6620 and 125 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption while parsing the ADSP response command. | |||||
CVE-2023-33031 | 1 Qualcomm | 330 Apq5053-aa, Apq5053-aa Firmware, Apq8009 and 327 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. | |||||
CVE-2023-33029 | 1 Qualcomm | 264 Apq8009, Apq8009 Firmware, Ar8035 and 261 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in DSP Service during a remote call from HLOS to DSP. | |||||
CVE-2023-33028 | 1 Qualcomm | 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more | 2024-04-12 | N/A | 9.8 CRITICAL |
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. | |||||
CVE-2023-33027 | 1 Qualcomm | 656 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 653 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while parsing rsn ies. | |||||
CVE-2023-33026 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Ar9380 and 387 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while parsing a NAN management frame. | |||||
CVE-2023-33021 | 1 Qualcomm | 336 Apq8064au, Apq8064au Firmware, Aqt1000 and 333 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Graphics while processing user packets for command submission. | |||||
CVE-2023-33015 | 1 Qualcomm | 388 315 5g, 315 5g Firmware, Aqt1000 and 385 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. | |||||
CVE-2023-28584 | 1 Qualcomm | 144 Aqt1000, Aqt1000 Firmware, Csrb31024 and 141 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA). | |||||
CVE-2023-28577 | 1 Qualcomm | 62 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 59 more | 2024-04-12 | N/A | 7.8 HIGH |
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address. |