Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up
Qualcomm, Inc. Snapdragon

Version Snapdragon 439 Mobile Platform

OTHER 60 CVEs

Known Vulnerabilities

CVE-2024-43052

Memory corruption while processing API calls to NPU with invalid input.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-38423

Memory corruption while processing GPU page table switch.

HIGH CVSS 7.8 Published Nov 04, 2024

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

HIGH CVSS 7.8 Published Nov 04, 2024

CVE-2024-38415

Memory corruption while handling session errors from firmware.

HIGH CVSS 7.8 Published Nov 04, 2024

CVE-2024-23385

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

HIGH CVSS 7.5 Published Nov 04, 2024

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

HIGH CVSS 7.8 Published Sep 02, 2024

CVE-2024-33043

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

MEDIUM CVSS 5.5 Published Sep 02, 2024

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

HIGH CVSS 7.8 Published Sep 02, 2024

CVE-2024-23359

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.

HIGH CVSS 8.2 Published Sep 02, 2024

CVE-2024-23358

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

MEDIUM CVSS 6.2 Published Aug 05, 2024

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

HIGH CVSS 8.4 Published Jul 01, 2024

CVE-2024-21461

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

HIGH CVSS 8.4 Published Jul 01, 2024

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CRITICAL CVSS 9.1 Published Jun 03, 2024

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

HIGH CVSS 7.8 Published May 06, 2024

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

HIGH CVSS 8.4 Published Apr 01, 2024

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

HIGH CVSS 8.4 Published Apr 01, 2024

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

HIGH CVSS 8.4 Published Apr 01, 2024

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

HIGH CVSS 8.4 Published Mar 04, 2024

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

HIGH CVSS 7.8 Published Feb 06, 2024

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

HIGH CVSS 8.4 Published Jan 02, 2024

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CRITICAL CVSS 9.3 Published Jan 02, 2024

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

HIGH CVSS 8.4 Published Dec 05, 2023

CVE-2023-33106

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

HIGH CVSS 8.4 Published Dec 05, 2023

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to DSP.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot allocation.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

HIGH CVSS 7.8 Published Nov 07, 2023

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

HIGH CVSS 7.8 Published Nov 07, 2023

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

CRITICAL CVSS 9.8 Published Nov 07, 2023

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

CRITICAL CVSS 9.1 Published Oct 03, 2023

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

HIGH CVSS 7.8 Published Oct 03, 2023

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

HIGH CVSS 8.2 Published Oct 03, 2023

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

HIGH CVSS 8.2 Published Oct 03, 2023

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

HIGH CVSS 8.2 Published Oct 03, 2023

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command submission.

HIGH CVSS 8.4 Published Sep 05, 2023

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

HIGH CVSS 7.5 Published Sep 05, 2023

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

HIGH CVSS 7.5 Published Sep 05, 2023

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

HIGH CVSS 7.8 Published Jul 04, 2023

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

HIGH CVSS 7.8 Published Jul 04, 2023

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music playback.

HIGH CVSS 8.4 Published Jul 04, 2023

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

HIGH CVSS 7.8 Published Jul 04, 2023

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

HIGH CVSS 7.8 Published Jul 04, 2023

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

HIGH CVSS 7.5 Published Jul 04, 2023

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

MEDIUM CVSS 6.8 Published Jul 04, 2023

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use case.

HIGH CVSS 7.8 Published Jun 06, 2023

CVE-2022-40521

Transient DOS due to improper authorization in Modem

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

HIGH CVSS 7.9 Published Jun 06, 2023

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

HIGH CVSS 7.1 Published Jun 06, 2023

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

HIGH CVSS 7.5 Published May 02, 2023

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

HIGH CVSS 8.4 Published May 02, 2023

CVE-2023-21665

Memory corruption in Graphics while importing a file.

HIGH CVSS 8.4 Published May 02, 2023

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

HIGH CVSS 8.4 Published Apr 04, 2023

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

MEDIUM CVSS 6.8 Published Apr 04, 2023

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

MEDIUM CVSS 5.9 Published Apr 04, 2023

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

MEDIUM CVSS 6.8 Published Apr 04, 2023