Qualcomm Inc Snapdragon vulnerabilities

CVE-2024-23363 [HIGH] CWE-126 CVE-2024-23363: Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

CVE-2023-43538 [HIGH] CWE-120 CVE-2023-43538: Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization. Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

CVE-2023-43556 [HIGH] CWE-120 CVE-2023-43556: Memory corruption in Hypervisor when platform information mentioned is not aligned. Memory corruption in Hypervisor when platform information mentioned is not aligned.

CVE-2023-43537 [HIGH] CWE-126 CVE-2023-43537: Information disclosure while handling T2LM Action Frame in WLAN Host. Information disclosure while handling T2LM Action Frame in WLAN Host.

CVE-2024-21478 [MEDIUM] CWE-704 CVE-2024-21478: transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.

CVE-2024-21480 [CRITICAL] CWE-120 CVE-2024-21480: Memory corruption while playing audio file having large-sized input buffer. Memory corruption while playing audio file having large-sized input buffer.

CVE-2024-21474 [HIGH] CWE-121 CVE-2024-21474: Memory corruption when size of buffer from previous call is used without validation or re-initializa Memory corruption when size of buffer from previous call is used without validation or re-initialization.

CVE-2024-21471 [HIGH] CWE-416 CVE-2024-21471: Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

CVE-2023-33119 [HIGH] CWE-367 CVE-2023-33119: Memory corruption while loading a VM from a signed VM image that is not coherent in the processor ca Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

CVE-2023-43529 [HIGH] CWE-617 CVE-2023-43529: Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packe Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

CVE-2023-43531 [HIGH] CWE-824 CVE-2023-43531: Memory corruption while verifying the serialized header when the key pairs are generated. Memory corruption while verifying the serialized header when the key pairs are generated.

CVE-2024-21477 [HIGH] CWE-126 CVE-2024-21477: Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2023-43525 [HIGH] CWE-120 CVE-2023-43525: Memory corruption while copying the sound model data from user to kernel buffer during sound model r Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CVE-2023-43524 [HIGH] CWE-120 CVE-2023-43524: Memory corruption when the bandpass filter order received from AHAL is not within the expected range Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CVE-2023-43530 [HIGH] CWE-190 CVE-2023-43530: Memory corruption in HLOS while checking for the storage type. Memory corruption in HLOS while checking for the storage type.

CVE-2023-43526 [HIGH] CWE-120 CVE-2023-43526: Memory corruption while querying module parameters from Listen Sound model client in kernel from use Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

CVE-2024-23354 [HIGH] CWE-416 CVE-2024-23354: Memory corruption when the IOCTL call is interrupted by a signal. Memory corruption when the IOCTL call is interrupted by a signal.

CVE-2024-21475 [HIGH] CWE-823 CVE-2024-21475: Memory corruption when the payload received from firmware is not as per the expected protocol size. Memory corruption when the payload received from firmware is not as per the expected protocol size.

CVE-2024-23351 [HIGH] CWE-284 CVE-2024-23351: Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC subm Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

CVE-2023-43521 [HIGH] CWE-416 CVE-2023-43521: Memory corruption when multiple listeners are being registered with the same file descriptor. Memory corruption when multiple listeners are being registered with the same file descriptor.