Qualcomm Inc Snapdragon vulnerabilities

CVE-2024-21476 [HIGH] CWE-20 CVE-2024-21476: Memory corruption when the channel ID passed by user is not validated and further used. Memory corruption when the channel ID passed by user is not validated and further used.

CVE-2023-43527 [MEDIUM] CWE-126 CVE-2023-43527: Information disclosure while parsing dts header atom in Video. Information disclosure while parsing dts header atom in Video.

CVE-2023-43528 [MEDIUM] CWE-126 CVE-2023-43528: Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manag Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

CVE-2024-21473 [CRITICAL] CWE-20 CVE-2024-21473: Memory corruption while redirecting log file to any file location with any file name. Memory corruption while redirecting log file to any file location with any file name.

CVE-2024-21463 [CRITICAL] CWE-120 CVE-2024-21463: Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

CVE-2023-28547 [HIGH] CWE-120 CVE-2023-28547: Memory corruption in SPS Application while requesting for public key in sorter TA. Memory corruption in SPS Application while requesting for public key in sorter TA.

CVE-2024-21468 [HIGH] CWE-416 CVE-2024-21468: Memory corruption when there is failed unmap operation in GPU. Memory corruption when there is failed unmap operation in GPU.

CVE-2023-33115 [HIGH] CWE-126 CVE-2023-33115: Memory corruption while processing buffer initialization, when trusted report for certain report typ Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

CVE-2023-33023 [HIGH] CWE-120 CVE-2023-33023: Memory corruption while processing finish_sign command to pass a rsp buffer. Memory corruption while processing finish_sign command to pass a rsp buffer.

CVE-2023-33100 [HIGH] CWE-20 CVE-2023-33100: Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP s Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.

CVE-2023-33101 [HIGH] CWE-704 CVE-2023-33101: Transient DOS while processing DL NAS TRANSPORT message with payload length 0. Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

CVE-2023-43515 [HIGH] CWE-120 CVE-2023-43515: Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_F Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

CVE-2024-21453 [HIGH] CWE-20 CVE-2024-21453: Transient DOS while decoding message of size that exceeds the available system memory. Transient DOS while decoding message of size that exceeds the available system memory.

CVE-2024-21452 [HIGH] CWE-20 CVE-2024-21452: Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions. Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.

CVE-2024-21470 [HIGH] CWE-680 CVE-2024-21470: Memory corruption while allocating memory for graphics. Memory corruption while allocating memory for graphics.

CVE-2023-33099 [HIGH] CWE-20 CVE-2023-33099: Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

CVE-2024-21454 [HIGH] CWE-680 CVE-2024-21454: Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.

CVE-2024-21472 [HIGH] CWE-416 CVE-2024-21472: Memory corruption in Kernel while handling GPU operations. Memory corruption in Kernel while handling GPU operations.

CVE-2023-33111 [MEDIUM] CWE-129 CVE-2023-33111: Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the r Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.

CVE-2023-43552 [CRITICAL] CWE-416 CVE-2023-43552: Memory corruption while processing MBSSID beacon containing several subelement IE. Memory corruption while processing MBSSID beacon containing several subelement IE.