Qualcomm Inc Snapdragon vulnerabilities

CVE-2025-21442 [HIGH] CWE-680 CVE-2025-21442: Memory corruption while transmitting packet mapping information with invalid header payload size. Memory corruption while transmitting packet mapping information with invalid header payload size.

CVE-2025-21438 [HIGH] CWE-125 CVE-2025-21438: Memory corruption while IOCTL call is invoked from user-space to read board data. Memory corruption while IOCTL call is invoked from user-space to read board data.

CVE-2025-21447 [HIGH] CWE-129 CVE-2025-21447: Memory corruption may occur while processing device IO control call for session control. Memory corruption may occur while processing device IO control call for session control.

CVE-2025-21425 [HIGH] CWE-284 CVE-2025-21425: Memory corruption may occur due top improper access control in HAB process. Memory corruption may occur due top improper access control in HAB process.

CVE-2024-45557 [HIGH] CWE-823 CVE-2024-45557: Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper va Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.

CVE-2024-45552 [HIGH] CWE-126 CVE-2024-45552: Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.

CVE-2025-21436 [HIGH] CWE-416 CVE-2025-21436: Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.

CVE-2025-21441 [HIGH] CWE-787 CVE-2025-21441: Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

CVE-2025-21430 [HIGH] CWE-126 CVE-2025-21430: Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec se Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.

CVE-2024-33058 [HIGH] CWE-1220 CVE-2024-33058: Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.

CVE-2025-21429 [HIGH] CWE-126 CVE-2025-21429: Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.

CVE-2024-43067 [HIGH] CWE-367 CVE-2024-43067: Memory corruption occurs during the copying of read data from the EEPROM because the IO configuratio Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

CVE-2024-45549 [HIGH] CWE-497 CVE-2024-45549: Information disclosure while creating MQ channels. Information disclosure while creating MQ channels.

CVE-2025-21434 [HIGH] CWE-126 CVE-2025-21434: Transient DOS may occur while parsing EHT operation IE or EHT capability IE. Transient DOS may occur while parsing EHT operation IE or EHT capability IE.

CVE-2024-43058 [HIGH] CWE-704 Incorrect Type Conversion or Cast in Multimedia Frameworks Incorrect Type Conversion or Cast in Multimedia Frameworks Memory corruption while processing IOCTL calls.

CVE-2025-21423 [HIGH] CWE-129 CVE-2025-21423: Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.

CVE-2025-21428 [HIGH] CWE-126 CVE-2025-21428: Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the A Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.

CVE-2025-21439 [HIGH] CWE-787 CVE-2025-21439: Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.

CVE-2025-21431 [MEDIUM] CWE-367 CVE-2025-21431: Information disclosure may be there when a guest VM is connected. Information disclosure may be there when a guest VM is connected.

CVE-2024-45556 [MEDIUM] CWE-1262 CVE-2024-45556: Cryptographic issue may arise because the access control configuration permits Linux to read key reg Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.