Qualcomm Inc Snapdragon vulnerabilities

CVE-2024-43060 [HIGH] CWE-823 CVE-2024-43060: Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVE-2024-53027 [HIGH] CWE-120 CVE-2024-53027: Transient DOS may occur while processing the country IE. Transient DOS may occur while processing the country IE.

CVE-2024-53030 [HIGH] CWE-20 CVE-2024-53030: Memory corruption while processing input message passed from FE driver. Memory corruption while processing input message passed from FE driver.

CVE-2024-53034 [HIGH] CWE-822 CVE-2024-53034: Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object h Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

CVE-2024-53028 [HIGH] CWE-367 CVE-2024-53028: Memory corruption may occur while processing message from frontend during allocation. Memory corruption may occur while processing message from frontend during allocation.

CVE-2024-49836 [HIGH] CWE-129 CVE-2024-49836: Memory corruption may occur during the synchronization of the camera`s frame processing pipeline. Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

CVE-2024-53029 [HIGH] CWE-20 CVE-2024-53029: Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.

CVE-2024-43059 [HIGH] CWE-416 CVE-2024-43059: Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CVE-2024-53012 [HIGH] CWE-20 CVE-2024-53012: Memory corruption may occur due to improper input validation in clock device. Memory corruption may occur due to improper input validation in clock device.

CVE-2024-38426 [MEDIUM] CWE-287 CVE-2024-38426: While processing the authentication message in UE, improper authentication may lead to information d While processing the authentication message in UE, improper authentication may lead to information disclosure.

CVE-2024-53025 [MEDIUM] CWE-190 CVE-2024-53025: Transient DOS can occur while processing UCI command. Transient DOS can occur while processing UCI command.

CVE-2024-43056 [MEDIUM] CWE-126 CVE-2024-43056: Transient DOS during hypervisor virtual I/O operation in a virtual machine. Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2024-43051 [MEDIUM] CWE-285 CVE-2024-43051: Information disclosure while deriving keys for a session for any Widevine use case. Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2024-49839 [CRITICAL] CWE-126 CVE-2024-49839: Memory corruption during management frame processing due to mismatch in T2LM info element. Memory corruption during management frame processing due to mismatch in T2LM info element.

CVE-2024-45569 [CRITICAL] CWE-129 CVE-2024-45569: Memory corruption while parsing the ML IE due to invalid frame content. Memory corruption while parsing the ML IE due to invalid frame content.

CVE-2024-49840 [HIGH] CWE-823 CVE-2024-49840: Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decrypti Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.

CVE-2024-45573 [HIGH] CWE-823 CVE-2024-45573: Memory corruption may occour while generating test pattern due to negative indexing of display ID. Memory corruption may occour while generating test pattern due to negative indexing of display ID.

CVE-2024-38412 [HIGH] CWE-416 CVE-2024-38412: Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session error Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.

CVE-2024-49834 [HIGH] CWE-129 CVE-2024-49834: Memory corruption while power-up or power-down sequence of the camera sensor. Memory corruption while power-up or power-down sequence of the camera sensor.

CVE-2024-45582 [HIGH] CWE-129 CVE-2024-45582: Memory corruption while validating number of devices in Camera kernel . Memory corruption while validating number of devices in Camera kernel .