Qualcomm Inc Snapdragon vulnerabilities

CVE-2017-18307 [MEDIUM] CWE-200 CVE-2017-18307: Information disclosure possible while audio playback. Information disclosure possible while audio playback.

CVE-2017-9711 [HIGH] CWE-264 CVE-2017-9711: Certain unprivileged processes are able to perform IOCTL calls. Certain unprivileged processes are able to perform IOCTL calls.

CVE-2021-30299 [MEDIUM] CWE-20 CVE-2021-30299: Possible out of bound access in audio module due to lack of validation of user provided input. Possible out of bound access in audio module due to lack of validation of user provided input.

CVE-2024-38408 [CRITICAL] CWE-310 CVE-2024-38408: Cryptographic issue when a controller receives an LMP start encryption command under unexpected cond Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

CVE-2024-38422 [HIGH] CWE-680 CVE-2024-38422: Memory corruption while processing voice packet with arbitrary data received from ADSP. Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVE-2024-38407 [HIGH] CWE-367 CVE-2024-38407: Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.

CVE-2024-38423 [HIGH] CWE-120 CVE-2024-38423: Memory corruption while processing GPU page table switch. Memory corruption while processing GPU page table switch.

CVE-2024-38415 [HIGH] CWE-416 CVE-2024-38415: Memory corruption while handling session errors from firmware. Memory corruption while handling session errors from firmware.

CVE-2024-33033 [HIGH] CWE-416 CVE-2024-33033: Memory corruption while processing IOCTL calls to unmap the buffers. Memory corruption while processing IOCTL calls to unmap the buffers.

CVE-2024-38419 [HIGH] CWE-416 CVE-2024-38419: Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CVE-2024-38421 [HIGH] CWE-416 Use After Free in Graphics Linux Use After Free in Graphics Linux Memory corruption while processing GPU commands.

CVE-2024-38406 [HIGH] CWE-367 CVE-2024-38406: Memory corruption while handling IOCTL calls in JPEG Encoder driver. Memory corruption while handling IOCTL calls in JPEG Encoder driver.

CVE-2024-38424 [HIGH] CWE-416 CVE-2024-38424: Memory corruption during GNSS HAL process initialization. Memory corruption during GNSS HAL process initialization.

CVE-2024-38410 [HIGH] CWE-121 CVE-2024-38410: Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer m Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.

CVE-2024-38409 [HIGH] CWE-120 CVE-2024-38409: Memory corruption while station LL statistic handling. Memory corruption while station LL statistic handling.

CVE-2024-33032 [MEDIUM] CWE-129 CVE-2024-33032: Memory corruption when the user application modifies the same shared memory asynchronously when kern Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.

CVE-2024-38403 [MEDIUM] CWE-126 CVE-2024-38403: Transient DOS while parsing BTM ML IE when per STA profile is not included. Transient DOS while parsing BTM ML IE when per STA profile is not included.

CVE-2024-33068 [MEDIUM] CWE-416 CVE-2024-33068: Transient DOS while parsing fragments of MBSSID IE from beacon frame. Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-33029 [MEDIUM] CWE-416 CVE-2024-33029: Memory corruption while handling the PDR in driver for getting the remote heap maps. Memory corruption while handling the PDR in driver for getting the remote heap maps.

CVE-2024-38405 [MEDIUM] CWE-126 CVE-2024-38405: Transient DOS while processing the CU information from RNR IE. Transient DOS while processing the CU information from RNR IE.