Sdx57m Firmware
Monthly
5G Fixed Wireless Access Platform Firmware versions up to - is affected by reachable assertion (CVSS 6.5).
5G Fixed Wireless Access Platform Firmware versions up to - contains a vulnerability that allows attackers to cryptographic issue when a VoWiFi call is triggered from UE (CVSS 7.2).
Memory corruption while selecting the PLMN from SOR failed list. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while processing CCCH data when NW sends data with invalid length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
Memory corruption while operating the mailbox in Automotive.
Memory corruption vulnerability in Qualcomm's Virtual Machine (VM) attachment mechanism that occurs when the Host Linux OS (HLOS) retains access to a VM during attachment operations. This local privilege escalation vulnerability affects Qualcomm System-on-Chip (SoC) implementations and allows a local attacker with user-level privileges to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has not been reported as actively exploited in the KEV catalog, but the high CVSS score (7.8) and local attack vector indicate significant real-world risk for deployed Qualcomm-based devices.
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Rated high severity (CVSS 7.5). No vendor patch available.
Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while processing key blob passed by the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Data Modem during DTLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption while receiving a message in Bus Socket Transport Server. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Data modem while handling TLB control messages from the Network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem after RRC Setup message is received. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption while using the UIM diag command to get the operators name. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem while allocating DSM items. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT,. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
5G Fixed Wireless Access Platform Firmware versions up to - is affected by reachable assertion (CVSS 6.5).
5G Fixed Wireless Access Platform Firmware versions up to - contains a vulnerability that allows attackers to cryptographic issue when a VoWiFi call is triggered from UE (CVSS 7.2).
Memory corruption while selecting the PLMN from SOR failed list. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while processing CCCH data when NW sends data with invalid length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
Memory corruption while operating the mailbox in Automotive.
Memory corruption vulnerability in Qualcomm's Virtual Machine (VM) attachment mechanism that occurs when the Host Linux OS (HLOS) retains access to a VM during attachment operations. This local privilege escalation vulnerability affects Qualcomm System-on-Chip (SoC) implementations and allows a local attacker with user-level privileges to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has not been reported as actively exploited in the KEV catalog, but the high CVSS score (7.8) and local attack vector indicate significant real-world risk for deployed Qualcomm-based devices.
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Rated high severity (CVSS 7.5). No vendor patch available.
Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while processing key blob passed by the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Data Modem during DTLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption while receiving a message in Bus Socket Transport Server. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Data modem while handling TLB control messages from the Network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem after RRC Setup message is received. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption while using the UIM diag command to get the operators name. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in Modem while allocating DSM items. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT,. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.