Qualcomm Inc Snapdragon vulnerabilities

CVE-2022-25738 [HIGH] CWE-126 CVE-2022-25738: Information disclosure in modem due to buffer over-red while performing checksum of packet received Information disclosure in modem due to buffer over-red while performing checksum of packet received

CVE-2022-25733 [HIGH] CWE-476 CVE-2022-25733: Denial of service in modem due to null pointer dereference while processing DNS packets Denial of service in modem due to null pointer dereference while processing DNS packets

CVE-2022-25735 [HIGH] CWE-476 CVE-2022-25735: Denial of service in modem due to missing null check while processing TCP or UDP packets from server Denial of service in modem due to missing null check while processing TCP or UDP packets from server

CVE-2022-33233 [HIGH] CWE-16 CVE-2022-33233: Memory corruption due to configuration weakness in modem wile sending command to write protected fil Memory corruption due to configuration weakness in modem wile sending command to write protected files.

CVE-2022-40513 [HIGH] CWE-400 CVE-2022-40513: Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qo Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos state.

CVE-2022-25734 [HIGH] CWE-835 CVE-2022-25734: Denial of service in modem due to missing null check while processing IP packets with padding Denial of service in modem due to missing null check while processing IP packets with padding

CVE-2022-33229 [HIGH] CWE-126 CVE-2022-33229: Information disclosure due to buffer over-read in Modem while using static array to process IPv4 pac Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.

CVE-2022-33243 [HIGH] CWE-284 CVE-2022-33243: Memory corruption due to improper access control in Qualcomm IPC. Memory corruption due to improper access control in Qualcomm IPC.

CVE-2022-40502 [HIGH] CWE-20 CVE-2022-40502: Transient DOS due to improper input validation in WLAN Host. Transient DOS due to improper input validation in WLAN Host.

CVE-2022-25728 [HIGH] CWE-126 CVE-2022-25728: Information disclosure in modem due to buffer over-read while processing response from DNS server Information disclosure in modem due to buffer over-read while processing response from DNS server

CVE-2022-33246 [HIGH] CWE-823 CVE-2022-33246: Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call s Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

CVE-2022-33225 [HIGH] CWE-416 CVE-2022-33225: Memory corruption due to use after free in trusted application environment. Memory corruption due to use after free in trusted application environment.

CVE-2022-33232 [HIGH] CWE-120 CVE-2022-33232: Memory corruption due to buffer copy without checking size of input while running memory sharing tes Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

CVE-2022-33306 [HIGH] CWE-126 CVE-2022-33306: Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with inc Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

CVE-2022-34145 [HIGH] CWE-126 CVE-2022-34145: Transient DOS due to buffer over-read in WLAN Host while parsing frame information. Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

CVE-2022-33216 [MEDIUM] CWE-20 CVE-2022-33216: Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file. Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

CVE-2022-33221 [MEDIUM] CWE-126 CVE-2022-33221: Information disclosure in Trusted Execution Environment due to buffer over-read while processing met Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification requests.

CVE-2022-33265 [CRITICAL] CWE-787 CVE-2022-33265: Memory corruption due to information exposure in Powerline Communication Firmware while sending diff Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.

CVE-2022-25721 [HIGH] CWE-843 CVE-2022-25721: Memory corruption in video driver due to type confusion error during video playback Memory corruption in video driver due to type confusion error during video playback

CVE-2022-33266 [HIGH] CWE-190 CVE-2022-33266: Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.