Qualcomm Inc Snapdragon vulnerabilities

CVE-2022-25730 [HIGH] CWE-126 CVE-2022-25730: Information disclosure in modem due to improper check of IP type while processing DNS server query Information disclosure in modem due to improper check of IP type while processing DNS server query

CVE-2022-33291 [HIGH] CWE-126 CVE-2022-33291: Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed l Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

CVE-2022-25747 [HIGH] CWE-126 CVE-2022-25747: Information disclosure in modem due to improper input validation during parsing of upcoming CoAP mes Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message

CVE-2022-33223 [HIGH] CWE-476 CVE-2022-33223: Transient DOS in Modem due to null pointer dereference while processing the incoming packet with htt Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.

CVE-2022-25731 [HIGH] CWE-131 CVE-2022-25731: Information disclosure in modem due to buffer over-read while processing packets from DNS server Information disclosure in modem due to buffer over-read while processing packets from DNS server

CVE-2022-33301 [HIGH] CWE-704 CVE-2022-33301: Memory corruption due to incorrect type conversion or cast in audio while using audio playback/captu Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.

CVE-2022-33294 [HIGH] CWE-476 CVE-2022-33294: Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registratio Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.

CVE-2022-33302 [HIGH] CWE-129 CVE-2022-33302: Memory corruption due to improper validation of array index in User Identity Module when APN TLV len Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

CVE-2022-33269 [HIGH] CWE-190 CVE-2022-33269: Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

CVE-2022-40503 [HIGH] CWE-126 CVE-2022-40503: Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

CVE-2022-33295 [HIGH] CWE-126 CVE-2022-33295: Information disclosure in Modem due to buffer over-read while parsing the wms message received given Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.

CVE-2023-21630 [HIGH] CWE-191 CVE-2023-21630: Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along wit Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

CVE-2022-33258 [HIGH] CWE-126 CVE-2022-33258: Information disclosure due to buffer over-read in modem while reading configuration parameters. Information disclosure due to buffer over-read in modem while reading configuration parameters.

CVE-2022-33231 [HIGH] CWE-415 CVE-2022-33231: Memory corruption due to double free in core while initializing the encryption key. Memory corruption due to double free in core while initializing the encryption key.

CVE-2022-33222 [HIGH] CWE-126 CVE-2022-33222: Information disclosure due to buffer over-read while parsing DNS response packets in Modem. Information disclosure due to buffer over-read while parsing DNS response packets in Modem.

CVE-2022-40532 [HIGH] CWE-190 CVE-2022-40532: Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to t Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2022-33298 [HIGH] CWE-416 CVE-2022-33298: Memory corruption due to use after free in Modem while modem initialization. Memory corruption due to use after free in Modem while modem initialization.

CVE-2022-33288 [HIGH] CWE-120 CVE-2022-33288: Memory corruption due to buffer copy without checking the size of input in Core while sending SCM co Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

CVE-2022-33282 [HIGH] CWE-680 CVE-2022-33282: Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL c Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.

CVE-2022-25726 [HIGH] CWE-126 CVE-2022-25726: Information disclosure in modem data due to array out of bound access while handling the incoming DN Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet