Qualcomm Inc Snapdragon vulnerabilities

CVE-2022-33278 [HIGH] CWE-120 CVE-2022-33278: Memory corruption due to buffer copy without checking the size of input in HLOS when input message s Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

CVE-2022-33309 [HIGH] CWE-126 CVE-2022-33309: Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size les Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

CVE-2022-40531 [HIGH] CWE-704 CVE-2022-40531: Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID messa Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

CVE-2022-33213 [HIGH] CWE-121 CVE-2022-33213: Memory corruption in modem due to buffer overflow while processing a PPP packet Memory corruption in modem due to buffer overflow while processing a PPP packet

CVE-2022-33260 [HIGH] CWE-121 CVE-2022-33260: Memory corruption due to stack based buffer overflow in core while sending command from USB of large Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

CVE-2022-25694 [HIGH] CWE-823 CVE-2022-25694: Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

CVE-2022-33254 [HIGH] CWE-617 CVE-2022-33254: Transient DOS due to reachable assertion in Modem while processing SIB1 Message. Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

CVE-2022-25655 [HIGH] CWE-120 CVE-2022-25655: Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

CVE-2022-22075 [MEDIUM] CWE-200 CVE-2022-22075: Information Disclosure in Graphics during GPU context switch. Information Disclosure in Graphics during GPU context switch.

CVE-2022-33245 [MEDIUM] CWE-416 Use after free in WLAN Use after free in WLAN Memory corruption in WLAN due to use after free

CVE-2022-40514 [CRITICAL] CWE-120 CVE-2022-40514: Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while proce Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

CVE-2022-33279 [CRITICAL] CWE-121 CVE-2022-33279: Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.

CVE-2022-25729 [CRITICAL] CWE-20 CVE-2022-25729: Memory corruption in modem due to improper length check while copying into memory Memory corruption in modem due to improper length check while copying into memory

CVE-2022-34146 [HIGH] CWE-20 CVE-2022-34146: Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentati Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

CVE-2022-40512 [HIGH] CWE-126 CVE-2022-40512: Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

CVE-2022-33277 [HIGH] CWE-120 CVE-2022-33277: Memory corruption in modem due to buffer copy without checking size of input while receiving WMI com Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2022-33280 [HIGH] CWE-824 CVE-2022-33280: Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRC Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.

CVE-2022-33271 [HIGH] CWE-126 CVE-2022-33271: Information disclosure due to buffer over-read in WLAN while parsing NMF frame. Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

CVE-2022-33248 [HIGH] CWE-680 CVE-2022-33248: Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

CVE-2022-25732 [HIGH] CWE-126 CVE-2022-25732: Information disclosure in modem due to buffer over read in dns client due to missing length check Information disclosure in modem due to buffer over read in dns client due to missing length check