Qualcomm Inc Snapdragon vulnerabilities

CVE-2024-45544 [MEDIUM] CWE-416 CVE-2024-45544: Memory corruption while processing IOCTL calls to add route entry in the HW. Memory corruption while processing IOCTL calls to add route entry in the HW.

CVE-2024-45540 [MEDIUM] CWE-416 CVE-2024-45540: Memory corruption while invoking IOCTL map buffer request from userspace. Memory corruption while invoking IOCTL map buffer request from userspace.

CVE-2024-49848 [MEDIUM] CWE-416 CVE-2024-49848: Memory corruption while processing multiple IOCTL calls from HLOS to DSP. Memory corruption while processing multiple IOCTL calls from HLOS to DSP.

CVE-2024-43046 [MEDIUM] CWE-200 CVE-2024-43046: There may be information disclosure during memory re-allocation in TZ Secure OS. There may be information disclosure during memory re-allocation in TZ Secure OS.

CVE-2024-45543 [MEDIUM] CWE-787 CVE-2024-45543: Memory corruption while accessing MSM channel map and mixer functions. Memory corruption while accessing MSM channel map and mixer functions.

CVE-2024-45551 [MEDIUM] CWE-1390 CVE-2024-45551: Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.

CVE-2024-53031 [HIGH] CWE-20 CVE-2024-53031: Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.

CVE-2024-53024 [HIGH] CWE-476 CVE-2024-53024: Memory corruption in display driver while detaching a device. Memory corruption in display driver while detaching a device.

CVE-2024-43057 [HIGH] CWE-416 CVE-2024-43057: Memory corruption while processing command in Glink linux. Memory corruption while processing command in Glink linux.

CVE-2025-21424 [HIGH] CWE-416 CVE-2025-21424: Memory corruption while calling the NPU driver APIs concurrently. Memory corruption while calling the NPU driver APIs concurrently.

CVE-2024-43055 [HIGH] CWE-120 CVE-2024-43055: Memory corruption while processing camera use case IOCTL call. Memory corruption while processing camera use case IOCTL call.

CVE-2024-53032 [HIGH] CWE-367 CVE-2024-53032: Memory corruption may occur in keyboard virtual device due to guest VM interaction. Memory corruption may occur in keyboard virtual device due to guest VM interaction.

CVE-2024-43061 [HIGH] CWE-416 CVE-2024-43061: Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

CVE-2024-45580 [HIGH] CWE-416 CVE-2024-45580: Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

CVE-2024-53014 [HIGH] CWE-129 CVE-2024-53014: Memory corruption may occur while validating ports and channels in Audio driver. Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-43062 [HIGH] CWE-416 CVE-2024-43062: Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization. Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

CVE-2024-53011 [HIGH] CWE-264 CVE-2024-53011: Information disclosure may occur due to improper permission and access controls to Video Analytics e Information disclosure may occur due to improper permission and access controls to Video Analytics engine.

CVE-2024-53022 [HIGH] CWE-20 CVE-2024-53022: Memory corruption may occur during communication between primary and guest VM. Memory corruption may occur during communication between primary and guest VM.

CVE-2024-53023 [HIGH] CWE-416 CVE-2024-53023: Memory corruption may occur while accessing a variable during extended back to back tests. Memory corruption may occur while accessing a variable during extended back to back tests.

CVE-2024-53033 [HIGH] CWE-822 CVE-2024-53033: Memory corruption while doing Escape call when user provides valid kernel address in the place of va Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.