qualcomm sd695_firmware v0 - 10 CVEs

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

HIGH CVSS 7.7 Published Aug 08, 2023

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

CRITICAL CVSS 9.3 Published Aug 08, 2023

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

MEDIUM CVSS 6.7 Published Aug 08, 2023

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

CRITICAL CVSS 9.8 Published Aug 08, 2023

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

HIGH CVSS 7.3 Published Mar 07, 2023

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

CRITICAL CVSS 9.3 Published Mar 07, 2023

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

HIGH CVSS 7.8 Published Mar 07, 2023

Memory corruption in modem due to buffer overflow while processing a PPP packet

HIGH CVSS 7.5 Published Mar 07, 2023

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

HIGH CVSS 7.5 Published Feb 09, 2023

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

HIGH CVSS 8.2 Published Feb 09, 2023

Version 0