snapdragon 8 gen 1 mobile (qualcomm) — Vulnerabilities

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2025-27052HIGH 7.8

Memory corruption while processing data packets in diag received from Unix clients.

CVE-2025-27043HIGH 7.8

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-27042HIGH 7.8

Memory corruption while processing video packets received from video firmware.

CVE-2025-21454HIGH 7.5

CVE-2025-21450CRITICAL 9.1

Transient DOS while processing received beacon frame.

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21449HIGH 7.5

Transient DOS may occur while processing malformed length field in SSID IEs.

CVE-2025-21446HIGH 7.5

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-21433MEDIUM 6.2

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21432HIGH 7.8

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21427HIGH 8.2

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21422HIGH 7.1

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2024-53009MEDIUM 5.3

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21468HIGH 7.8

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

CVE-2025-21467HIGH 7.8

Memory corruption while reading the FW response from the shared queue.

CVE-2025-21453HIGH 7.8

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-49845HIGH 7.8

Memory corruption during the FRS UDS generation process.

CVE-2024-49844HIGH 7.8

Memory corruption while triggering commands in the PlayReady Trusted application.

CVE-2024-49842HIGH 7.8

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

CVE-2024-49841HIGH 7.8

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2024-49835HIGH 7.8

Memory corruption while reading secure file.

CVE-2024-49829MEDIUM 6.7

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

CVE-2024-45579HIGH 7.8

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.

CVE-2024-45578HIGH 7.8

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.

CVE-2024-45577HIGH 7.8

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.

CVE-2024-45576HIGH 7.8

Memory corruption while prociesing command buffer buffer in OPE module.

CVE-2024-45575HIGH 7.8

Memory corruption Camera kernel when large number of devices are attached through userspace.

CVE-2024-45570MEDIUM 6.6

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

CVE-2024-45567HIGH 7.8

Memory corruption while encoding JPEG format.

CVE-2024-45566HIGH 7.8

Memory corruption during concurrent buffer access due to modification of the reference count.

CVE-2024-45564HIGH 7.8

Memory corruption during concurrent access to server info object due to incorrect reference count update.

CVE-2024-45563MEDIUM 6.6

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session.

CVE-2024-45562MEDIUM 6.6

Memory corruption during concurrent access to server info object due to unprotected critical field.

CVE-2024-45554HIGH 7.8

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

CVE-2024-49838HIGH 8.2

Information disclosure while parsing the OCI IE with invalid length.

CVE-2024-49834HIGH 7.8

Memory corruption while power-up or power-down sequence of the camera sensor.

CVE-2024-49833HIGH 7.8

Memory corruption can occur in the camera when an invalid CID is used.

CVE-2024-49832HIGH 7.8

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

CVE-2024-45582HIGH 7.8

Memory corruption while validating number of devices in Camera kernel .

CVE-2024-38420HIGH 8.8

Memory corruption while configuring a Hypervisor based input virtual device.

CVE-2024-38418HIGH 7.8

Memory corruption while parsing the memory map info in IOCTL calls.

CVE-2024-38417MEDIUM 6.1

Information disclosure while processing IO control commands.

CVE-2024-38414MEDIUM 6.1

CVE-2024-43047HIGH 7.8KEV

Information disclosure while processing information on firmware image during core initialization.

CVE-2024-45553HIGH 7.8

Jan 6, 2025

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Oct 7, 2024

Memory corruption while maintaining memory maps of HLOS memory.

CVE-2024-38402HIGH 7.8

Sep 2, 2024

Memory corruption while processing IOCTL call for getting group info.

CVE-2024-33060HIGH 8.4

Sep 2, 2024

Memory corruption when two threads try to map and unmap a single node simultaneously.

CVE-2024-33052HIGH 7.8

Sep 2, 2024

Memory corruption when user provides data for FM HCI command control operations.

CVE-2024-23363HIGH 7.5

CVE-2023-43556CRITICAL 9.3

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

Memory corruption in Hypervisor when platform information mentioned is not aligned.

CVE-2023-43555HIGH 8.2

CVE-2023-43551CRITICAL 9.1

Information disclosure in Video while parsing mp2 clip with invalid section length.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CVE-2023-43542HIGH 7.8

CVE-2023-43538CRITICAL 9.3

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

CVE-2024-23354HIGH 8.4

Memory corruption when the IOCTL call is interrupted by a signal.

CVE-2024-23351HIGH 8.4

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

CVE-2024-21480HIGH 7.3

Memory corruption while playing audio file having large-sized input buffer.

CVE-2024-21477HIGH 7.5

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2024-21475HIGH 7.8

Memory corruption when the payload received from firmware is not as per the expected protocol size.

CVE-2024-21471HIGH 8.4

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

CVE-2023-43531HIGH 8.4

Memory corruption while verifying the serialized header when the key pairs are generated.

CVE-2023-43530MEDIUM 5.9

Memory corruption in HLOS while checking for the storage type.

CVE-2023-43529HIGH 7.5

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

CVE-2023-43527MEDIUM 6.8

Information disclosure while parsing dts header atom in Video.

CVE-2023-43521MEDIUM 6.7

Memory corruption when multiple listeners are being registered with the same file descriptor.

CVE-2023-33119HIGH 8.4

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

CVE-2024-21472HIGH 8.4

Memory corruption in Kernel while handling GPU operations.

CVE-2024-21468HIGH 8.4

Memory corruption when there is failed unmap operation in GPU.

CVE-2024-21463HIGH 7.3

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

CVE-2023-43515MEDIUM 6.6

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

CVE-2023-33115HIGH 7.8

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

CVE-2023-33101HIGH 7.5

Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

CVE-2023-33100HIGH 7.5

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.

CVE-2023-33099HIGH 7.5

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

CVE-2023-33023HIGH 8.4

Memory corruption while processing finish_sign command to pass a rsp buffer.

CVE-2023-28547HIGH 8.4

Memory corruption in SPS Application while requesting for public key in sorter TA.

CVE-2023-43550HIGH 7.8

Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.

CVE-2023-43549HIGH 8.4

Memory corruption while processing TPC target power table in FTM TPC.

CVE-2023-43548HIGH 7.3

Memory corruption while parsing qcp clip with invalid chunk data size.

CVE-2023-43539HIGH 7.5

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

CVE-2023-33104HIGH 7.5

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

CVE-2023-33096HIGH 7.5

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

CVE-2023-33095HIGH 7.5

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.

CVE-2023-33086HIGH 7.5

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

CVE-2023-33066HIGH 8.4

CVE-2023-28578CRITICAL 9.3

Memory corruption in Audio while processing RT proxy port register driver.