Qualcomm Inc Snapdragon vulnerabilities

CVE-2022-33281 [HIGH] CWE-129 CVE-2022-33281: Memory corruption due to improper validation of array index in computer vision while testing EVA ker Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.

CVE-2023-21665 [HIGH] CWE-704 CVE-2023-21665: Memory corruption in Graphics while importing a file. Memory corruption in Graphics while importing a file.

CVE-2023-21666 [HIGH] CWE-401 CVE-2023-21666: Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

CVE-2022-34144 [HIGH] CWE-617 CVE-2022-34144: Transient DOS due to reachable assertion in Modem during OSI decode scheduling. Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

CVE-2022-33304 [HIGH] CWE-476 CVE-2022-33304: Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

CVE-2022-25713 [HIGH] CWE-119 CVE-2022-25713: Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Mem Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

CVE-2022-33305 [HIGH] CWE-476 CVE-2022-33305: Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

CVE-2022-40504 [HIGH] CWE-617 CVE-2022-40504: Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

CVE-2023-21642 [HIGH] CWE-284 CVE-2023-21642: Memory corruption in HAB Memory management due to broad system privileges via physical address. Memory corruption in HAB Memory management due to broad system privileges via physical address.

CVE-2022-33292 [HIGH] CWE-416 CVE-2022-33292: Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and repo Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.

CVE-2022-40508 [HIGH] CWE-617 CVE-2022-40508: Transient DOS due to reachable assertion in Modem while processing config related to cross carrier s Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.

CVE-2022-33273 [MEDIUM] CWE-126 CVE-2022-33273: Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report ge Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

CVE-2022-25745 [CRITICAL] CWE-670 CVE-2022-25745: Memory corruption in modem due to improper input validation while handling the incoming CoAP message Memory corruption in modem due to improper input validation while handling the incoming CoAP message

CVE-2022-25678 [CRITICAL] CWE-120 CVE-2022-25678: Memory correction in modem due to buffer overwrite during coap connection Memory correction in modem due to buffer overwrite during coap connection

CVE-2022-33259 [CRITICAL] CWE-120 CVE-2022-33259: Memory corruption due to buffer copy without checking the size of input in modem while decoding raw Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.

CVE-2022-33211 [CRITICAL] CWE-20 CVE-2022-33211: memory corruption in modem due to improper check while calculating size of serialized CoAP message memory corruption in modem due to improper check while calculating size of serialized CoAP message

CVE-2022-25740 [CRITICAL] CWE-120 CVE-2022-25740: Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface

CVE-2022-33287 [HIGH] CWE-126 CVE-2022-33287: Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

CVE-2022-33228 [HIGH] CWE-126 CVE-2022-33228: Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.

CVE-2022-33296 [HIGH] CWE-680 CVE-2022-33296: Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.