Qualcomm Inc Snapdragon vulnerabilities

CVE-2024-49832 [HIGH] CWE-129 CVE-2024-49832: Memory corruption in Camera due to unusually high number of nodes passed to AXI port. Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

CVE-2024-45571 [HIGH] CWE-416 CVE-2024-45571: Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command f Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

CVE-2024-38420 [HIGH] CWE-20 CVE-2024-38420: Memory corruption while configuring a Hypervisor based input virtual device. Memory corruption while configuring a Hypervisor based input virtual device.

CVE-2024-49837 [HIGH] CWE-129 CVE-2024-49837: Memory corruption while reading CPU state data during guest VM suspend. Memory corruption while reading CPU state data during guest VM suspend.

CVE-2024-38418 [HIGH] CWE-367 CVE-2024-38418: Memory corruption while parsing the memory map info in IOCTL calls. Memory corruption while parsing the memory map info in IOCTL calls.

CVE-2024-38404 [HIGH] CWE-126 CVE-2024-38404: Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

CVE-2024-49843 [HIGH] CWE-129 CVE-2024-49843: Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

CVE-2024-38411 [HIGH] CWE-416 CVE-2024-38411: Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.

CVE-2024-49838 [HIGH] CWE-126 CVE-2024-49838: Information disclosure while parsing the OCI IE with invalid length. Information disclosure while parsing the OCI IE with invalid length.

CVE-2024-45560 [HIGH] CWE-367 CVE-2024-45560: Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

CVE-2024-49833 [HIGH] CWE-129 CVE-2024-49833: Memory corruption can occur in the camera when an invalid CID is used. Memory corruption can occur in the camera when an invalid CID is used.

CVE-2024-45584 [HIGH] CWE-822 CVE-2024-45584: Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspa Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

CVE-2024-45561 [HIGH] CWE-126 CVE-2024-45561: Memory corruption while handling IOCTL call from user-space to set latency level. Memory corruption while handling IOCTL call from user-space to set latency level.

CVE-2024-38416 [MEDIUM] CWE-126 Buffer Over-read in Audio Buffer Over-read in Audio Information disclosure during audio playback.

CVE-2024-38417 [MEDIUM] CWE-126 CVE-2024-38417: Information disclosure while processing IO control commands. Information disclosure while processing IO control commands.

CVE-2024-38414 [MEDIUM] CWE-126 CVE-2024-38414: Information disclosure while processing information on firmware image during core initialization. Information disclosure while processing information on firmware image during core initialization.

CVE-2024-38413 [MEDIUM] CWE-20 Improper Input Validation in Computer Vision Improper Input Validation in Computer Vision Memory corruption while processing frame packets.

CVE-2024-45555 [HIGH] CWE-787 CVE-2024-45555: Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verific Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.

CVE-2024-33041 [HIGH] CWE-823 CVE-2024-33041: Memory corruption when input parameter validation for number of fences is missing for fence frame IO Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

CVE-2024-45548 [HIGH] CWE-126 CVE-2024-45548: Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.