Qualcomm Inc Snapdragon vulnerabilities

CVE-2023-28542 [HIGH] CWE-126 CVE-2023-28542: Memory Corruption in WLAN HOST while fetching TX status information. Memory Corruption in WLAN HOST while fetching TX status information.

CVE-2023-21638 [HIGH] CWE-704 CVE-2023-21638: Memory corruption in Video while calling APIs with different instance ID than the one received in in Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.

CVE-2023-21633 [HIGH] CWE-119 CVE-2023-21633: Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

CVE-2023-28541 [HIGH] CWE-126 CVE-2023-28541: Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

CVE-2023-22667 [HIGH] CWE-190 CVE-2023-22667: Memory Corruption in Audio while allocating the ion buffer during the music playback. Memory Corruption in Audio while allocating the ion buffer during the music playback.

CVE-2023-21624 [MEDIUM] CWE-200 CVE-2023-21624: Information disclosure in DSP Services while loading dynamic module. Information disclosure in DSP Services while loading dynamic module.

CVE-2023-21629 [MEDIUM] CWE-415 CVE-2023-21629: Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

CVE-2022-33240 [HIGH] CWE-704 CVE-2022-33240: Memory corruption in Audio due to incorrect type cast during audio use-cases. Memory corruption in Audio due to incorrect type cast during audio use-cases.

CVE-2023-21628 [HIGH] CWE-119 CVE-2023-21628: Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

CVE-2023-21669 [HIGH] CWE-126 CVE-2023-21669: Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source ad Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

CVE-2022-40538 [HIGH] CWE-617 CVE-2022-40538: Transient DOS due to reachable assertion in modem while processing sib with incorrect values from ne Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

CVE-2022-40507 [HIGH] CWE-415 CVE-2022-40507: Memory corruption due to double free in Core while mapping HLOS address to the list. Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2022-33227 [HIGH] CWE-415 CVE-2022-33227: Memory corruption in Linux android due to double free while calling unregister provider after regist Memory corruption in Linux android due to double free while calling unregister provider after register call.

CVE-2023-21657 [HIGH] CWE-20 CVE-2023-21657: Memoru corruption in Audio when ADSP sends input during record use case. Memoru corruption in Audio when ADSP sends input during record use case.

CVE-2022-33226 [HIGH] CWE-120 CVE-2022-33226: Memory corruption due to buffer copy without checking the size of input in Core while processing ioc Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

CVE-2022-22060 [HIGH] CWE-617 CVE-2022-22060: Assertion occurs while processing Reconfiguration message due to improper validation Assertion occurs while processing Reconfiguration message due to improper validation

CVE-2023-21659 [HIGH] CWE-126 CVE-2023-21659: Transient DOS in WLAN Firmware while processing frames with missing header fields. Transient DOS in WLAN Firmware while processing frames with missing header fields.

CVE-2023-21670 [HIGH] CWE-284 CVE-2023-21670: Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

CVE-2023-21658 [HIGH] CWE-126 CVE-2023-21658: Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2022-33224 [HIGH] CWE-120 CVE-2022-33224: Memory corruption in core due to buffer copy without check9ing the size of input while processing io Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.