Qualcomm Inc Snapdragon vulnerabilities

CVE-2025-27070 [HIGH] CWE-787 CVE-2025-27070: Memory corruption while performing encryption and decryption commands. Memory corruption while performing encryption and decryption commands.

CVE-2025-47368 [HIGH] CWE-126 CVE-2025-47368: Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.

CVE-2025-47352 [HIGH] CWE-129 CVE-2025-47352: Memory corruption while processing audio streaming operations. Memory corruption while processing audio streaming operations.

CVE-2025-47365 [HIGH] CWE-190 CVE-2025-47365: Memory corruption while processing large input data from a remote source via a communication interfa Memory corruption while processing large input data from a remote source via a communication interface.

CVE-2025-27064 [MEDIUM] CWE-126 CVE-2025-27064: Information disclosure while registering commands from clients with diag through diagHal. Information disclosure while registering commands from clients with diag through diagHal.

CVE-2025-47362 [MEDIUM] CWE-126 CVE-2025-47362: Information disclosure while processing message from client with invalid payload. Information disclosure while processing message from client with invalid payload.

CVE-2025-47370 [MEDIUM] CWE-617 CVE-2025-47370: Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.

CVE-2025-27053 [HIGH] CWE-131 CVE-2025-27053: Memory corruption during PlayReady APP usecase while processing TA commands. Memory corruption during PlayReady APP usecase while processing TA commands.

CVE-2025-27048 [HIGH] CWE-822 CVE-2025-27048: Memory corruption while processing camera platform driver IOCTL calls. Memory corruption while processing camera platform driver IOCTL calls.

CVE-2025-47355 [HIGH] CWE-787 CVE-2025-47355: Memory corruption while invoking remote procedure IOCTL calls. Memory corruption while invoking remote procedure IOCTL calls.

CVE-2025-47342 [HIGH] CWE-416 CVE-2025-47342: Transient DOS may occur when multi-profile concurrency arises with QHS enabled. Transient DOS may occur when multi-profile concurrency arises with QHS enabled.

CVE-2025-47351 [HIGH] CWE-190 Integer Overflow or Wraparound in DSP Service Integer Overflow or Wraparound in DSP Service Memory corruption while processing user buffers.

CVE-2025-47340 [HIGH] CWE-787 CVE-2025-47340: Memory corruption while processing IOCTL call to get the mapping. Memory corruption while processing IOCTL call to get the mapping.

CVE-2025-27059 [HIGH] CWE-823 Use of Out-of-range Pointer Offset in TZ Firmware Use of Out-of-range Pointer Offset in TZ Firmware Memory corruption while performing SCM call.

CVE-2025-27054 [HIGH] CWE-787 CVE-2025-27054: Memory corruption while processing a malformed license file during reboot. Memory corruption while processing a malformed license file during reboot.

CVE-2025-47347 [HIGH] CWE-121 CVE-2025-47347: Memory corruption while processing control commands in the virtual memory management interface. Memory corruption while processing control commands in the virtual memory management interface.

CVE-2025-47354 [HIGH] CWE-416 CVE-2025-47354: Memory corruption while allocating buffers in DSP service. Memory corruption while allocating buffers in DSP service.

CVE-2025-47338 [HIGH] CWE-822 CVE-2025-47338: Memory corruption while processing escape commands from userspace. Memory corruption while processing escape commands from userspace.

CVE-2025-47349 [HIGH] CWE-823 CVE-2025-47349: Memory corruption while processing an escape call. Memory corruption while processing an escape call.

CVE-2025-27060 [HIGH] CWE-822 CVE-2025-27060: Memory corruption while performing SCM call with malformed inputs. Memory corruption while performing SCM call with malformed inputs.