ByteOS

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product

Versions

Affected

AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, QCA6175A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6554A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCM2290, QCM4290, QCM6125, QCM6490, QCS2290, QCS405, QCS4290, QCS610, QCS6125, QCS6490, QRB5165, QRB5165M, QRB5165N, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD460, SD480, SD660, SD662, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6225, SM6250, SM6375, SM7250P, SM7315, SM7325P, SW5100, SW5100P, WCD9326, WCD9335, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835

Problem Types

Type	CWE ID	Description
text	N/A	Buffer Over-read in WLAN Host

Type: text

CWE ID: N/A

Description: Buffer Over-read in WLAN Host

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	x_refsource_CONFIRM

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Resource:

x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	x_refsource_CONFIRM x_transferred

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Resource:

x_refsource_CONFIRM

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:product-security@qualcomm.com

Published At:01 Apr, 2022 | 05:15

Updated At:19 Apr, 2023 | 17:10

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 7.2

Base severity: HIGH

Vector:

AV:L/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*

>>aqt1000_firmware>>-

cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

>>aqt1000>>-

cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*

>>ar8031_firmware>>-

cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*

>>ar8031>>-

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

>>ar8035_firmware>>-

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

>>ar8035>>-

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

>>csra6620_firmware>>-

cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

>>csra6620>>-

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

>>csra6640_firmware>>-

cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

>>csra6640>>-

cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*

>>csrb31024_firmware>>-

cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*

>>csrb31024>>-

cpe:2.3:o:qualcomm:fsm10055_firmware:-:*:*:*:*:*:*:*

>>fsm10055_firmware>>-

cpe:2.3:h:qualcomm:fsm10055:-:*:*:*:*:*:*:*

>>fsm10055>>-

cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:*

>>fsm10056_firmware>>-

cpe:2.3:h:qualcomm:fsm10056:-:*:*:*:*:*:*:*

>>fsm10056>>-

cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*

>>qca6175a_firmware>>-

cpe:2.3:h:qualcomm:qca6175a:-:*:*:*:*:*:*:*

>>qca6175a>>-

cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*

>>qca6390_firmware>>-

cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

>>qca6390>>-

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

>>qca6391_firmware>>-

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

>>qca6391>>-

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

>>qca6426_firmware>>-

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

>>qca6426>>-

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

>>qca6436_firmware>>-

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

>>qca6436>>-

cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*

>>qca6554a_firmware>>-

cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*

>>qca6554a>>-

cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*

>>qca6564a_firmware>>-

cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

>>qca6564a>>-

cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*

>>qca6564au_firmware>>-

cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

>>qca6564au>>-

cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*

>>qca6574_firmware>>-

cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*

>>qca6574>>-

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

>>qca6574a_firmware>>-

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

>>qca6574a>>-

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

>>qca6574au_firmware>>-

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

>>qca6574au>>-

cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*

>>qca6584au_firmware>>-

cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

>>qca6584au>>-

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

>>qca6595_firmware>>-

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

>>qca6595>>-

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

>>qca6595au_firmware>>-

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

>>qca6595au>>-

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

>>qca6696_firmware>>-

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

>>qca6696>>-

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

>>qca8081_firmware>>-

cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

>>qca8081>>-

cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*

>>qca8337_firmware>>-

cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

>>qca8337>>-

Weaknesses

CWE ID	Type	Source
CWE-125	Primary	nvd@nist.gov

CWE ID: CWE-125

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	product-security@qualcomm.com	Patch Vendor Advisory

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Source: product-security@qualcomm.com

Resource:

Patch

Vendor Advisory

Similar CVEs

1469Records found

CVE-2018-11961

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 3.19%

7 Day CHG~0.00%

Published-20 Dec, 2018 | 15:00

Updated-05 Aug, 2024 | 08:24

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-11871

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.75%

7 Day CHG~0.00%

Published-29 Oct, 2018 | 18:00

Updated-05 Aug, 2024 | 08:24

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016.

Product-qca9377_firmware sd_850 mdm9635m_firmware mdm9640_firmware sd_820a qca9980_firmware msm8996au_firmware sdm632_firmware sdm632 qca9563_firmware qca9378 mdm9650 qca9558 qca9558_firmware snapdragon_high_med_2016_firmware qca6574 msm8996au qca9880_firmware sd_650 sd_820 sd_450_firmware sd_845_firmware sd_820a_firmware ipq4019_firmware mdm9206 sd_652 qca6564 sd_425_firmware qca9379_firmware qca6174a qca6584au_firmware sd_625_firmware ipq8074 sd_450 sdm636 qca9377 mdm9635m sd_845 mdm9206_firmware qca9563 qca6574_firmware qca9886 qca6584_firmware sd_835_firmware mdm9650_firmware qca9378_firmware sd_835 qca6584 qca6574au_firmware sda660 sd_210_firmware ipq8064 sd_652_firmware sd_600 sd_205_firmware ipq8064_firmware sd_212 sd_650_firmware sd_427_firmware qca6584au sdm636_firmware sdx20 sd_425 sdm660 sd_430_firmware mdm9607_firmware sd_435 sdm630 qca9531 sd_625 ipq8074_firmware qca6574au sdm710 sd_820_firmware sd_210 mdm9607 qca9980 sdm710_firmware qca9880 qca6174a_firmware qca9886_firmware sd_212_firmware snapdragon_high_med_2016 qca6564_firmware sd_850_firmware sdm630_firmware sda660_firmware sd_430 ipq4019 sd_427 sd_435_firmware sdx20_firmware qca9531_firmware sd_600_firmware sd_205 qca9379 sdm660_firmware mdm9640 Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-11950

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.75%

7 Day CHG~0.00%

Published-26 Oct, 2018 | 13:00

Updated-05 Aug, 2024 | 08:24

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850

Product-sd_850_firmware sd_845 sd_850 sd_845_firmware Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2018-11840

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.22%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:17

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-415

Double Free

CVE-2018-11888

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.13%

7 Day CHG~0.00%

Published-11 Feb, 2019 | 15:00

Updated-05 Aug, 2024 | 08:24

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439, Snapdragon_High_Med_2016.

Product-sd_427_firmware sd_632 sd_820a sd_412 msm8996au_firmware sd_439 sd_415 sd_616 sd_425 sd_429 sd_430_firmware mdm9607_firmware sd_435 mdm9655_firmware mdm9650 sd_615 sd_650_firmware sd_625 sd_615_firmware sdm439 snapdragon_high_med_2016_firmware sd_210 mdm9607 msm8996au sd_820_firmware sd_650 sd_820 sd_450_firmware sd_410 sd_439_firmware sd_820a_firmware sd_429_firmware sd_652 sd_425_firmware snapdragon_high_med_2016 sd_212_firmware sd_625_firmware sd_450 mdm9655 sdm439_firmware sd_412_firmware sd_8cx_firmware sd_8cx sd_427 sd_430 sd_435_firmware sd_632_firmware mdm9650_firmware sd_835_firmware sd_410_firmware sd_835 sd_205 sd_210_firmware sd_415_firmware sd_652_firmware sd_616_firmware sd_205_firmware sd_212 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-862

Missing Authorization

CVE-2018-11886

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.36%

7 Day CHG~0.00%

Published-19 Sep, 2018 | 14:00

Updated-05 Aug, 2024 | 08:24

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2018-11824

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.46%

7 Day CHG~0.00%

Published-26 Oct, 2018 | 13:00

Updated-05 Aug, 2024 | 08:17

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-33276

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.00%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 05:02

Updated-09 Apr, 2025 | 19:39

Buffer copy without checking size of input in Modem

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

Product-sd_8cx_gen3_firmware qca2066 qca8337 ar9380 qca6431_firmware ipq8173_firmware sdx65 qcn5124 qca4024_firmware ipq8078a ipq5028_firmware qca6595au_firmware qca2062 qca6554a_firmware qam8295p ipq8076a qca8386_firmware qcn6024_firmware sd_8_gen1_5g_firmware qca8084_firmware qsm8350_firmware qsm8350 sm7315_firmware wcn7850 qca6574au_firmware qcn5164_firmware wcd9375_firmware qca8081_firmware qcn9002 qca9986 ipq8070_firmware ipq8065 ipq8078a_firmware qrb5165_firmware ipq5028 qrb5165m_firmware ipq6010 ipq8068 qcn6132 qca6436 wcn6851 wcn7851_firmware qca9888_firmware qcn6122 ipq8068_firmware qca2066_firmware qca6431 qca6696_firmware sd870_firmware ipq9008_firmware qcn5154_firmware sxr2150p_firmware wsa8830_firmware qca9992_firmware sd865_5g_firmware wcn7850_firmware sm8475 qcn5022_firmware sa8295p_firmware wcn6750_firmware ipq5018_firmware qca9985_firmware qca8337_firmware wcd9380_firmware ipq8072a qca9980_firmware ipq8076a_firmware ipq8078 qca6564au qca8084 ipq8173 qcn9001_firmware sdx55m_firmware ipq9008 wcn6856_firmware qcn5164 qca6574 csr8811_firmware wcd9380 qcn5054_firmware qcn5024 qca8072_firmware qca9985 qcn9012_firmware qcn5052_firmware qcn9274_firmware wcn3980 ipq6018_firmware wsa8815 wcn6850 pmp8074_firmware qcn6112 qca9986_firmware qca6426_firmware qca9984 ipq6028 ipq8064 qcn9024 pmp8074 ipq9574_firmware wcn3980_firmware sdx55m ipq8064_firmware sa8295p qca6421_firmware qca2062_firmware wcn6740_firmware ipq8078_firmware qcn5054 qrb5165 wcn6851_firmware ipq8070 qca9994 qca9980 qcn9024_firmware ipq8174_firmware sd870 wcn6855 ipq6018 qca9886_firmware qca6595_firmware qca6391_firmware qca2064 qca4024 sd780g_firmware wcd9370_firmware sd888_firmware qcn5021_firmware sxr2150p ar8035_firmware qcn5024_firmware wsa8830 qcn9070 qca8082 qcn9072 qca8386 qca9992 qca6390_firmware qca2064_firmware ipq6000 wcd9370 qcn5152_firmware qca6426 qca6584au_firmware qrb5165n_firmware qcn9000_firmware qca9984_firmware ipq5018 wcd9385_firmware sdxr2_5g_firmware ipq8074a qca2065 qcn5124_firmware qam8295p_firmware qcn6100_firmware qcn6102_firmware qcn9011_firmware qca8082_firmware qcn5122_firmware qca6595au qcn6023_firmware qca6436_firmware qrb5165n ipq5010 qca6564au_firmware qca6584au sd778g qcn9274 ipq8174 qca9990 qcn9001 qcs6490 sdxr2_5g qcn5052 wcn7851 qcn6112_firmware qcn9074 qca6421 qca8085 sd778g_firmware wsa8810_firmware qca8081 ipq8071a qcn6023 ipq8071a_firmware wcd9385 qca8085_firmware qca2065_firmware qcs6490_firmware sd_8cx_gen3 ar8035 csr8811 qca6390 wcd9375 qcn9100_firmware ipq5010_firmware ipq8074a_firmware qcm6490 sd888_5g_firmware wcn6850_firmware wsa8815_firmware wsa8835_firmware qca8072 qcn9000 sd780g qca6554a sd865_5g qca6595 ar9380_firmware qcn9012 sd888 qcn6122_firmware ipq8065_firmware wsa8835 sd888_5g qcn5154 qca8075_firmware qca6574a wcn6855_firmware qca9889 sm7325p qcn6132_firmware qcn9003_firmware qca9888 qca9994_firmware wcn6750 qcn9003 ipq8070a_firmware ipq8076_firmware qca6574_firmware qca9886 sm7325p_firmware ipq8076 qca6574a_firmware qcn5021 qcn5152 qrb5165m sm7315 qca6391 qcn6102 qcn9100 sdx65_firmware qcm6490_firmware qcn9070_firmware ipq6028_firmware ipq8072a_firmware qcn9011 qca6574au qca9889_firmware ipq9574 qcn5122 wsa8810 wcn6856 qcn5022 ipq6010_firmware wcn6740 qca6696 qca8075 qcn9022_firmware qcn6024 qcn9022 qca9990_firmware ipq8070a qcn9002_firmware qcn6100 qcn9072_firmware ipq6000_firmware qcn9074_firmware Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2018-11962

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.14%

7 Day CHG~0.00%

Published-11 Feb, 2019 | 15:00

Updated-05 Aug, 2024 | 08:24

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-416

Use After Free

CVE-2018-11902

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 9.52%

7 Day CHG~0.00%

Published-19 Sep, 2018 | 14:00

Updated-05 Aug, 2024 | 08:24

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11964

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.01% / 1.68%

7 Day CHG~0.00%

Published-20 Dec, 2018 | 15:00

Updated-05 Aug, 2024 | 08:24

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-732

Incorrect Permission Assignment for Critical Resource

CVE-2018-11838

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.75%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 08:17

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

Product-apq8053 mdm9640_firmware sdx20_firmware sdm636_firmware sdm636 sda660 sda660_firmware sdx20 sdm660 apq8053_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-415

Double Free

CVE-2022-33231

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-9.3||CRITICAL

EPSS-0.04% / 12.51%

7 Day CHG~0.00%

Published-04 Apr, 2023 | 04:46

Updated-03 Aug, 2024 | 08:01

Double free in Core

Memory corruption due to double free in core while initializing the encryption key.

CWE ID-CWE-415

Double Free

CVE-2018-11970

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.75%

7 Day CHG~0.00%

Published-04 Apr, 2019 | 15:09

Updated-05 Aug, 2024 | 08:24

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

CVE-2022-33226

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 8.84%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Product-wcn3991_firmware qam8255p_firmware wcn3991 wcd9380_firmware wsa8830 wcn785x-5 sm8350-ac_firmware sm8150-ac wsa8835 wcd9380 qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware sm8350 snapdragon_wear_4100\+_platform wcn685x-5_firmware wcn685x-1 qca6430_firmware sm8450 wcn3980 wcn3998 wcd9385_firmware sd855 wcn3660b wsa8815 wcn3660b_firmware qca6574au_firmware wcn3680b_firmware qca6595au wcn3998_firmware wcn785x-5_firmware wcn3980_firmware wcn3610_firmware qca6420 aqt1000_firmware qca6698aq sm8350_firmware wcn685x-5 qca6797aq_firmware qca6430 wcn785x-1_firmware qca6574au wsa8810_firmware wcd9341_firmware sm8450_firmware wsa8810 sa8255p_firmware sm8150-ac_firmware qca6698aq_firmware wcn3680b sm8350-ac wcn685x-1_firmware wcd9385 sm8150_firmware sa8255p wcd9341 qca6797aq aqt1000 wsa8830_firmware sd855_firmware sm8150 wcn785x-1 wsa8815_firmware wsa8835_firmware qam8255p wcn3610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2018-11856

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.07%

7 Day CHG~0.00%

Published-29 Oct, 2018 | 18:00

Updated-05 Aug, 2024 | 08:17

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.

Product-sd_850 sd_835_firmware sd_850_firmware sd_835 sd_845_firmware sd_845 Snapdragon Mobile

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-11904

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 14.87%

7 Day CHG~0.00%

Published-19 Sep, 2018 | 14:00

Updated-05 Aug, 2024 | 08:24

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-476

NULL Pointer Dereference

CVE-2018-11994

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.07%

7 Day CHG~0.00%

Published-28 Nov, 2018 | 15:00

Updated-05 Aug, 2024 | 08:24

SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

CVE-2018-11827

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.22%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:17

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11264

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.00%

7 Day CHG~0.00%

Published-28 Nov, 2018 | 15:00

Updated-05 Aug, 2024 | 08:01

Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-11274

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.36%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:01

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-33248

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 22.97%

7 Day CHG~0.00%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 08:01

Integer overflow to buffer overflow in User Identity Module

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

Product-qca9377_firmware sm6250p_firmware qcs610 qca8337 qca6431_firmware wcd9360_firmware sdx65 wcn3950_firmware qcs2290 qca6595au_firmware qca6335 msm8917 sd_455_firmware csra6620_firmware qcs605_firmware sd_675_firmware csra6640_firmware qcs6125_firmware msm8108 sa415m wcn3998 wcd9371_firmware msm8108_firmware wcn3950 qcn6024_firmware sd720g sd_8cx_gen2_firmware qsw8573_firmware sd_8_gen1_5g_firmware wcn3660b sd710_firmware sd460_firmware sm7315_firmware wcn7850 qca6574au_firmware wcd9375_firmware wcn3998_firmware qca8081_firmware sdx12_firmware msm8909w apq8009w_firmware qca6420 wcd9360 sd680_firmware sd_8cx_gen2 qcs6125 sd662_firmware qcs405 qca6430 wcd9340 sd765g qualcomm215_firmware sw5100 sd680 qca6436 wcn6851 qcs603_firmware wcn7851_firmware msm8937 msm8209_firmware mdm9250_firmware wcd9341 qca6431 qca6696_firmware wcd9371 sd870_firmware sd750g wcn3910_firmware wsa8830_firmware sd855_firmware sd660 sd865_5g_firmware snapdragon_4_gen_1 sd712 wcn3988 sd660_firmware wcn7850_firmware sm8475 msm8208_firmware wcn6750_firmware wcn3610 msm8608 wcn3991 qca8337_firmware sda429w_firmware wcd9380_firmware sdm429w sw5100p qca6564au sdx55m_firmware wcn6856_firmware qet4101_firmware sd670_firmware wcd9380 qualcomm215 qcs410 sd690_5g_firmware sdx50m_firmware sdx24_firmware qca6430_firmware wcd9335_firmware wcn3980 sd439_firmware qca6335_firmware qsw8573 qcm4325_firmware qcs605 wcd9340_firmware wsa8815 wcn6850 sd7c wcn3910 qca6320 msm8937_firmware mdm9650_firmware qca6426_firmware wcn3660b_firmware wcn3680 sd695 sd835 qcn9024 wcn3980_firmware sd730 sdx55m qcc5100_firmware qca6421_firmware wcn6740_firmware sd678_firmware wcn3680_firmware wcn6851_firmware qcs603 sd670 sd_636_firmware qcn9024_firmware qca6564a_firmware apq8009w sdx57m qcm4290_firmware sd480 sd870 wcn6855 sw5100p_firmware sd210_firmware qcs610_firmware sd695_firmware sdxr1 qcs405_firmware sdm630_firmware qca6391_firmware wcd9370_firmware sd780g_firmware sdx55 sd888_firmware sd675 csra6640 sdx70m sd439 qet4101 ar8035_firmware qcm2290 wcn3991_firmware mdm9150_firmware wsa8830 sd678 qcs2290_firmware sd7c_firmware csrb31024 snapdragon_4_gen_1_firmware mdm9650 sd_636 csra6620 qcs4290 mdm9250 sd765g_firmware qca6420_firmware qca6390_firmware apq8009_firmware sd690_5g sd730_firmware wcd9370 sd675_firmware qca6426 wcn3990_firmware qca9377 sdw2500_firmware wcd9385_firmware sdxr2_5g_firmware wcd9326_firmware wcn3615_firmware sd662 apq8037 qca6320_firmware wcn3680b_firmware sdx55_firmware wcn3615 qca6595au sm7250p_firmware wcn3610_firmware qca6436_firmware qca6564au_firmware sd778g qca6310 msm8208 wcn7851 sd429 sa515m_firmware qcs6490 sdxr2_5g sdm630 sa415m_firmware wcn3988_firmware sd205 sd429_firmware qca6421 sd778g_firmware sm6250 sd712_firmware apq8017_firmware wsa8810_firmware sd765_firmware wcd9326 wcd9335 sg4150p qca8081 qca6174a_firmware qcs4290_firmware wcd9385 qcs6490_firmware sdx70m_firmware qca6390 wcd9375 sd750g_firmware aqt1000 ar8035 sm6250_firmware sda429w msm8917_firmware sd210 wcn3620_firmware sdx20_firmware wsa8815_firmware sd888_5g_firmware qcm6490 wcn6850_firmware wsa8835_firmware wcn3620 apq8017 qcx315 qca6564a sg4150p_firmware qcm6125_firmware qcm4325 qcm2290_firmware wcn3990 sd_675 sd780g sd865_5g qcc5100 sdx24 sd888 msm8909w_firmware qcx315_firmware wsa8835 sdm429w_firmware sd665_firmware sd888_5g sm6250p sc8180x qca6574a wcn6855_firmware qca6174a sm7325p qca6310_firmware wcn6750 sa515m sd855 sm7325p_firmware sd665 sdx57m_firmware sd765 qca6574a_firmware sd768g_firmware msm8209 sd850_firmware sm7315 apq8009 sd460 qca6391 sdxr1_firmware aqt1000_firmware sdx65_firmware qcm4290 csrb31024_firmware qcm6490_firmware sdx50m sdx20 sd480_firmware sd_455 sc8180x_firmware qca6574au sd710 sd205_firmware wcd9341_firmware qcm6125 wsa8810 mdm9150 wcn6856 wcn3680b sd835_firmware sd768g wcn6740 qca6696 sd845_firmware msm8608_firmware sdw2500 qcn6024 sd845 apq8037_firmware sm7250p sd720g_firmware sdx12 sw5100_firmware qcs410_firmware sd850 Snapdragon

CWE ID-CWE-680

Integer Overflow to Buffer Overflow

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2022-33218

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.04% / 9.83%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 05:02

Updated-09 Apr, 2025 | 19:52

Improper Input Validation in Automotive

Memory corruption in Automotive due to improper input validation.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2018-11289

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.10% / 27.89%

7 Day CHG~0.00%

Published-25 Feb, 2019 | 23:00

Updated-05 Aug, 2024 | 08:01

Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.

Product-sd_850 mdm9150_firmware sd_632 sd_820a sd_675 msm8996au_firmware sd_439 sd_670_firmware sd_429 sdm439 mdm9650 sd_636 snapdragon_high_med_2016_firmware msm8996au sd_820 sd_650 sd_450_firmware sd_845_firmware sd_410 sd_820a_firmware qcs605_firmware sd_675_firmware mdm9206 sd_652 sd_425_firmware sd_625_firmware ipq8074 sd_450 sd_8cx_firmware sd_845 mdm9206_firmware qcs605 sd_632_firmware sd_835_firmware mdm9650_firmware sd_835 sda660 sxr1130_firmware sd_210_firmware sd_652_firmware qca8081_firmware sxr1130 sd_205_firmware sd_212 sd_650_firmware sd_427_firmware sd_712 sd_412 sd_425 sdm660 sd_430_firmware mdm9607_firmware sd_435 mdm9655_firmware sd_710_firmware sdm630 sd_625 ipq8074_firmware sd_820_firmware sd_210 mdm9607 sd_636_firmware sd_439_firmware qca8081 mdm9150 sd_429_firmware snapdragon_high_med_2016 sd_212_firmware sd_850_firmware mdm9655 sdm439_firmware sd_412_firmware sd_712_firmware sdm630_firmware sda660_firmware sd_8cx sd_430 sd_427 sd_670 sd_435_firmware sd_710 sd_410_firmware sd_205 sdm660_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-11281

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.58%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:01

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will occur.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-416

Use After Free

CVE-2018-11305

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 14.17%

7 Day CHG~0.00%

Published-26 Oct, 2018 | 13:00

Updated-05 Aug, 2024 | 08:01

When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20.

CWE ID-CWE-416

Use After Free

CVE-2018-11267

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.07%

7 Day CHG~0.00%

Published-20 Sep, 2018 | 13:00

Updated-05 Aug, 2024 | 08:01

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20.

Product-mdm9640_firmware sdm632_firmware sd430 msm8996au_firmware sd625_firmware sdm632 sd650_firmware sd600 sdm439 mdm9650 sdm429 sd616_firmware sd616 sd820a_firmware snapdragon_high_med_2016_firmware msm8996au sd652 sd412 sd427_firmware sd625 mdm9206 sd435_firmware sd600_firmware sdm636 sd427 mdm9615 mdm9206_firmware sd430_firmware sd450_firmware sd615 mdm9640 sdm429_firmware mdm9650_firmware sda660 sd835 sd820a sd850_firmware sd617 sdm636_firmware sdx20 sdm660 sdm630 mdm9607_firmware mdm9655_firmware sd425_firmware sd205 sd617_firmware mdm9607 sd205_firmware sd410_firmware sd652_firmware sd615_firmware sd425 sd210_firmware sd435 sd212_firmware sd835_firmware snapdragon_high_med_2016 mdm9655 sdm439_firmware sd412_firmware sd212 sdm630_firmware sd820_firmware sda660_firmware sd415 sd845_firmware sd845 sd210 mdm9615_firmware sd820 sdx20_firmware sd415_firmware sd650 sd450 sdm660_firmware sd850 sd410 Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11288

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.75%

7 Day CHG~0.00%

Published-18 Jan, 2019 | 22:00

Updated-05 Aug, 2024 | 08:01

Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11269

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.00%

7 Day CHG~0.00%

Published-20 Sep, 2018 | 13:00

Updated-05 Aug, 2024 | 08:01

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11299

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.22%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:01

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11268

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.00%

7 Day CHG~0.00%

Published-20 Sep, 2018 | 13:00

Updated-05 Aug, 2024 | 08:01

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2018-11816

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.50%

7 Day CHG~0.00%

Published-26 Nov, 2024 | 13:56

Updated-06 Feb, 2025 | 16:41

Use After Free in Video

Crafted Binder Request Causes Heap UAF in MediaServer

CWE ID-CWE-416

Use After Free

CVE-2018-11295

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.26%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:01

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds the max length, an OOB write would happen.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-787

Out-of-bounds Write

CVE-2018-11292

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 30.14%

7 Day CHG~0.00%

Published-20 Sep, 2018 | 13:00

Updated-05 Aug, 2024 | 08:01

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer & heap overflows.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2018-11296

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.26%

7 Day CHG~0.00%

Published-18 Sep, 2018 | 18:00

Updated-05 Aug, 2024 | 08:01

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23354

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.13% / 33.06%

7 Day CHG-0.01%

Published-06 May, 2024 | 14:32

Updated-11 Aug, 2025 | 15:06

Use After Free in Graphics Linux

Memory corruption when the IOCTL call is interrupted by a signal.

CWE ID-CWE-416

Use After Free

CVE-2022-25695

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 18.16%

7 Day CHG~0.00%

Published-13 Dec, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-wcd9380_firmware wcn3615_firmware msm8996au sd429_firmware qca6595au_firmware qualcomm215_firmware sd730 qca6310 qsw8573 apq8009 mdm9607 qca6696 qca6421 wcn7850 mdm9205_firmware qca6564au msm8937 sdx24 wcn3660b sd632_firmware mdm8207_firmware sd720g qca6426_firmware sd710_firmware sd460 sd205_firmware msm8996au_firmware mdm9630 apq8056 msm8940 sdx24_firmware wsa8830 msm8920_firmware wsa8815 wcn3680b qca6430 wcn3620_firmware sd855 qcs6490_firmware wcd9340 sdx55_firmware sdxr2_5g_firmware apq8037 msm8976sg_firmware sd_8cx_gen2_firmware sc8180x\+sdx55_firmware mdm9207 sd712 mdm9650 sd765g_firmware qca6574a qca4004_firmware msm8108_firmware sd865_5g_firmware wcd9306_firmware apq8017_firmware qcm6125_firmware sdm429w_firmware sd835_firmware wcn6750 sm7325p msm8917_firmware sd_636_firmware sd695_firmware qcc5100 sd_675 qca6335 sd625_firmware msm8108 qcs405 qca6431_firmware msm8208 csra6640 sd480_firmware qet4101 qca6430_firmware qca8081 sm7315_firmware sm7325p_firmware qca6584au apq8009w sd870 mdm9150 qca9367 qca6390_firmware qcn9024_firmware sc8180x\+sdx55 wcn6855 qca6584_firmware qcx315_firmware wcn3910 sd870_firmware qcm6490_firmware sm6250 sdm630_firmware qca6431 qca6595au wcd9370 sd821_firmware qcs4290_firmware sd888_firmware wcn3980 sd439_firmware sm7315 sd765_firmware sd720g_firmware sd765g sd670 mdm9150_firmware sdx55m msm8208_firmware msm8917 sd450 wcn6850_firmware wcn3660 sd_455 sm6250p wsa8810_firmware wsa8815_firmware wcn3991_firmware sd625 sd850_firmware wcn6740 msm8608_firmware qca6436 msm8952_firmware wsa8810 sdxr1 msm8909w sdm630 sw5100p_firmware aqt1000_firmware qca4004 wsa8835_firmware wcd9335_firmware sm7250p_firmware apq8009_firmware qca6391 qcn9024 wcn3998_firmware csra6620 mdm9330_firmware wcn6851 sd778g_firmware wcd9370_firmware sd675 qca6420_firmware sd439 wcn3660_firmware sdx57m qcx315 qcc5100_firmware msm8940_firmware sd210_firmware qcm6125 fsm10055_firmware apq8052_firmware fsm10055 sdx12 sd660 csrb31024_firmware sdm429w sdx20 qcs610 qualcomm215 apq8052 qca6391_firmware sd205 wcd9326_firmware sm7250p csra6620_firmware wcn3610 sdx20_firmware wcn3910_firmware msm8209 apq8017 wcd9375 sd750g_firmware msm8976_firmware qca6696_firmware sm6250p_firmware sd865_5g qca9377 wcn3990_firmware mdm9230_firmware wcn3950_firmware wcn3988 sd778g wcd9371_firmware wcn3615 msm8976 sd750g sd768g_firmware qcs605 msm8952 sd712_firmware wcn7851 qca6310_firmware sd710 mdm9640_firmware qca6436_firmware qca9367_firmware sd_636 wcd9341_firmware sd821 sd632 wcd9340_firmware mdm9330 sd850 apq8037_firmware sd_675_firmware qca6174a_firmware qca6564a_firmware sd855_firmware sd662_firmware wcd9371 mdm9650_firmware sdx50m qcs405_firmware qcn6024_firmware qcs6490 sdx55 sd460_firmware sd_455_firmware msm8956 mdm9628 wcn3610_firmware qcm4290_firmware msm8976sg sd450_firmware sd820 wcn3660b_firmware sm4375 msm8909w_firmware qet4101_firmware sd665_firmware wcd9360_firmware sdw2500 sdw2500_firmware qsw8573_firmware sd626 sd768g wcn6740_firmware wcn6856 sd626_firmware apq8009w_firmware sda429w_firmware sdx50m_firmware qca6390 sd480 wcd9330 wcn7851_firmware sw5100 wcn6850 sa415m wcn3950 qcs603_firmware msm8608 qca6320_firmware qca6584au_firmware qcm6490 qcn6024 qca6174a wcd9335 sd7c_firmware sd670_firmware wcn3680b_firmware sd835 qca6421_firmware qca6574au_firmware sd662 mdm9250_firmware qcs610_firmware mdm9205 msm8956_firmware mdm9207_firmware qca6174 qcm2290_firmware wcd9380 mdm9630_firmware qcm4290 wcn3680 mdm9628_firmware sd660_firmware sd730_firmware sd695 qca6174_firmware wcd9375_firmware sd888 ar8035_firmware wcn6856_firmware aqt1000 mdm9230 qcs603 sdx12_firmware ar8035 wcn6855_firmware mdm8207 wcd9360 qca6420 sd780g_firmware wcn3680_firmware qcm2290 sdx65_firmware mdm9250 sa515m sd845_firmware mdm9206 sdxr1_firmware sa515m_firmware mdm9607_firmware wcn3990 apq8076 sd429 apq8076_firmware sd690_5g qca8081_firmware msm8920 wsa8835 wcn3998 wcd9306 apq8056_firmware qca8337_firmware mdm9206_firmware qcs2290 sd820_firmware sd7c wcd9385 sd678 qca6574au wcn7850_firmware sdx65 wcd9385_firmware mdm9640 apq8096au wcn6750_firmware qcs410_firmware sd210 sd680 sd888_5g sd678_firmware qca9379 qcs6125 sm4375_firmware wcn3991 qca6574 csra6640_firmware qca6574_firmware sa415m_firmware qca6564a sd675_firmware qca6574a_firmware sd665 sda429w sd888_5g_firmware wsa8830_firmware qca6320 qca8337 sd_8_gen1_5g_firmware sm6250_firmware sdxr2_5g wcd9341 wcn3980_firmware qcs2290_firmware wcn6851_firmware wcd9326 sd680_firmware qca9379_firmware msm8937_firmware qca9377_firmware apq8096au_firmware sw5100_firmware qca6584 sd780g qca6564au_firmware csrb31024 qca6426 qca6335_firmware sdx55m_firmware qcs6125_firmware sdx57m_firmware sd690_5g_firmware sm8475 wcn3620 sd765 qcs605_firmware wcd9330_firmware wcn3988_firmware qcs4290 msm8209_firmware sw5100p sd_8cx_gen2 sd845 qcs410 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2022-25711

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 5.70%

7 Day CHG~0.00%

Published-13 Dec, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Product-wcd9380_firmware wcd9340_firmware qca6595au_firmware qualcomm215_firmware wsa8835 mdm9150_firmware sdx55m sd855_firmware wcn3998 wcn6850_firmware sdx55 wsa8810_firmware qca8337_firmware wsa8815_firmware sa8150p qca6696 wcn3610_firmware wcn7850 qca6436 qca6426_firmware wcn3660b qca6574au wcn7850_firmware wcn3660b_firmware sa6150p qcs410_firmware sd205_firmware sa8155p wsa8810 sa6145p_firmware sd210 wcd9341_firmware wsa8830 sw5100p_firmware wcn6856 wsa8815 qca6390 sda429w_firmware wcn3680b aqt1000_firmware sa6155p wsa8835_firmware sa8150p_firmware qca6430 sa8145p_firmware sw5100 sd855 wcn7851_firmware qca6391 wcn3998_firmware wcd9340 wcn6850 sa8145p wcn6851 sdx55_firmware wcn3950 wcd9370_firmware sdxr2_5g_firmware qca6420_firmware sa8195p sda429w qcc5100_firmware sd210_firmware wsa8830_firmware qca8337 sd_8_gen1_5g_firmware wcn3680b_firmware sdxr2_5g sd865_5g_firmware wcd9341 wcn3980_firmware qca6574au_firmware wcn6851_firmware qcs610 qcs610_firmware qualcomm215 sa6155p_firmware qca6391_firmware qcn9074_firmware qcn9074 sd205 sa8155p_firmware qcc5100 wcd9380 sa6145p wcn3610 sw5100_firmware qca6430_firmware sa6150p_firmware qca6696_firmware sd865_5g wcn6856_firmware sd870 qca6426 sdx55m_firmware aqt1000 sm8475 wcn3950_firmware wcn3988 mdm9150 qca6390_firmware wcn6855_firmware qca6420 wcn6855 wcn3988_firmware wcn7851 qcs8155_firmware sd870_firmware qcs8155 sw5100p qca6436_firmware sa8195p_firmware qca6595au wcd9370 qcs410 wcn3980 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2022-25709

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.95%

7 Day CHG~0.00%

Published-07 Mar, 2023 | 04:43

Updated-05 Mar, 2025 | 16:44

Use of Out-of-range Pointer Offset in Data Modem

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

Product-wcn3991_firmware wsa8830 sd678 sm6250p_firmware qca8337 qca6431_firmware sd7c_firmware snapdragon_4_gen_1_firmware sdx65 wcn3950_firmware sd765g_firmware qca6390_firmware sd690_5g sd730_firmware wcd9370 sd_675_firmware sd675_firmware qca6426 wcn3990_firmware wcn3998 wcd9385_firmware sdxr2_5g_firmware wcn3950 qcn6024_firmware sd720g sd_8_gen1_5g_firmware wcn7850 qca6320_firmware sdx55_firmware wcd9375_firmware qca8081_firmware wcn3998_firmware sm7250p_firmware qca6436_firmware qca6310 sa515m_firmware wcn7851 sdxr2_5g sd821 wcn3988_firmware qca6421 sm6250 wcd9340 wsa8810_firmware sd765g sd765_firmware qca6436 wcn6851 wcd9335 qca8081 wcn7851_firmware qca6174a_firmware wcd9385 wcd9341 qca6431 sd750g sd870_firmware sdx70m_firmware qca6390 ar8035 sd750g_firmware wcd9375 sm6250_firmware wsa8830_firmware sd855_firmware sd865_5g_firmware sd820 snapdragon_4_gen_1 wcn3988 wcn6850_firmware wcn7850_firmware wsa8815_firmware wsa8835_firmware qcx315 sm8475 wcn3991 qca8337_firmware wcd9380_firmware wcn3990 sd_675 sd865_5g sdx55m_firmware wcn6856_firmware wsa8835 qcx315_firmware wcd9380 sm6250p sd690_5g_firmware wcn6855_firmware qca6174a qca6310_firmware wcd9335_firmware wcn3980 sa515m wcd9340_firmware sd855 wsa8815 wcn6850 sd7c qca6320 sd765 qca6426_firmware sd695 sd768g_firmware sd835 qcn9024 wcn3980_firmware sd730 qca6391 sdx55m qca6421_firmware sdx65_firmware sd821_firmware sd678_firmware sd480_firmware wcn6851_firmware qcn9024_firmware wcd9341_firmware sd480 sd870 wsa8810 wcn6855 wcn6856 sd835_firmware sd695_firmware sd768g sd820_firmware qca6391_firmware wcd9370_firmware sdx55 sd675 qcn6024 sdx70m sm7250p sd720g_firmware ar8035_firmware Snapdragon

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25721

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.03%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 05:02

Updated-09 Apr, 2025 | 20:18

Incorrect Type Conversion in Video driver

Memory corruption in video driver due to type confusion error during video playback

Product-mdm9150_firmware qca8337_firmware sda429w_firmware sa6150p_firmware wcn3990 sa8145p_firmware qcs610 sdm429w qca8337 qca6564au sdm429w_firmware wcn3950_firmware sa8150p_firmware qca6420_firmware qualcomm215 qcs410 wcd9370 qca6574a qca6564 wcn3990_firmware qca6430_firmware wcn3980 wcn3998 wcn3950 wcd9326_firmware wcd9340_firmware wcn3660b sd855 wsa8815 wcn3660b_firmware qca6574a_firmware qca6574au_firmware sdx55_firmware wcn3680b_firmware wcn3998_firmware wcn3980_firmware sdxr1_firmware wcn3610_firmware qca6420 qca6391 aqt1000_firmware qca6564au_firmware sa6155p_firmware qcs8155 sd429 qca6430 qca6574au qcn9074 sa6145p_firmware sd205 sd429_firmware sa8155p_firmware sd205_firmware wcd9340 sa8195p wsa8810_firmware qualcomm215_firmware wcd9341_firmware wsa8810 wcd9326 sa6155p sd210_firmware qcs610_firmware mdm9150 sa6145p wcn3680b qca6564_firmware wcd9341 sdxr1 qca6696_firmware sa8145p qca6696 qca6391_firmware wcd9370_firmware aqt1000 sa8150p sa6150p sdx55 sa8155p sda429w sd210 sd855_firmware wcn3620_firmware wsa8815_firmware wcn3620 sa8195p_firmware qcs8155_firmware qcn9074_firmware qcs410_firmware wcn3610 Snapdragon

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2022-25715

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.03%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 04:42

Updated-09 Apr, 2025 | 19:57

Incorrect type casting in Display driver

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

CWE ID-CWE-704

Incorrect Type Conversion or Cast

CVE-2022-25682

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 22.44%

7 Day CHG~0.00%

Published-13 Dec, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-wcd9380_firmware mdm9310 wcn3615_firmware msm8996au sd429_firmware qca6595au_firmware qualcomm215_firmware sd730 qca6310 qsw8573 apq8009 mdm9607 qca6696 qca6421 wcn7850 mdm9205_firmware qca6564au msm8937 sdx24 wcn3660b sd632_firmware mdm8207_firmware sd720g qca6426_firmware sd710_firmware sd460 sd205_firmware msm8996au_firmware mdm9630 apq8056 msm8940 sdx24_firmware wsa8830 msm8920_firmware wsa8815 wcn3680b qca6430 wcn3620_firmware sd855 qcs6490_firmware wcd9340 sdx55_firmware sdxr2_5g_firmware apq8037 msm8976sg_firmware sd_8cx_gen2_firmware sc8180x\+sdx55_firmware mdm9207 sd712 mdm9650 sd765g_firmware qca6574a qca4004_firmware msm8108_firmware sd865_5g_firmware wcd9306_firmware apq8017_firmware qcm6125_firmware sdm429w_firmware sd835_firmware wcn6750 sm7325p msm8917_firmware sd_636_firmware ar6003 mdm8215 sd695_firmware qcc5100 sd_675 qca6335 sd625_firmware msm8108 qcs405 qca6431_firmware msm8208 csra6640 sd480_firmware mdm9215_firmware qet4101 qca6430_firmware qca8081 sm7315_firmware sm7325p_firmware qca6584au apq8009w sd870 mdm9150 qca9367 qca6390_firmware qcn9024_firmware sc8180x\+sdx55 wcn6855 qca6584_firmware qcx315_firmware wcn3910 sd870_firmware qcm6490_firmware sm6250 sdm630_firmware qca6431 qca6595au wcd9370 sd821_firmware qcs4290_firmware sd888_firmware wcn3980 ar6003_firmware sd439_firmware mdm8215m sm7315 sd765_firmware sd720g_firmware sd765g sd670 mdm9150_firmware sdx55m msm8208_firmware msm8917 sd450 wcn6850_firmware wcn3660 sd_455 sm6250p wsa8810_firmware wsa8815_firmware wcn3991_firmware sd625 sd850_firmware wcn6740 msm8608_firmware qca6436 msm8952_firmware wsa8810 sdxr1 msm8909w sdm630 sw5100p_firmware aqt1000_firmware qca4004 wsa8835_firmware wcd9335_firmware sm7250p_firmware mdm9615m apq8009_firmware qca6391 qcn9024 wcn3998_firmware csra6620 mdm9330_firmware mdm9310_firmware wcn6851 sd778g_firmware wcd9370_firmware sd675 qca6420_firmware sd439 mdm9615m_firmware wcn3660_firmware sdx57m qcx315 qcc5100_firmware msm8940_firmware sd210_firmware qcm6125 mdm9655_firmware apq8052_firmware sdx12 sd660 csrb31024_firmware sdm429w sdx20 qcs610 qualcomm215 apq8052 qca6391_firmware sd205 wcd9326_firmware sm7250p csra6620_firmware wcn3610 sdx20_firmware wcn3910_firmware msm8209 apq8017 wcd9375 sd750g_firmware msm8976_firmware qca6696_firmware mdm9215 sm6250p_firmware sd865_5g qca9377 wcn3990_firmware mdm9230_firmware wcn3950_firmware wcn3988 sd778g wcd9371_firmware wcn3615 msm8976 sd750g sd768g_firmware mdm8615m qcs605 msm8952 sd712_firmware mdm9615_firmware wcn7851 qca6310_firmware mdm8215m_firmware sd710 mdm9640_firmware qca6436_firmware qca9367_firmware sd_636 wcd9341_firmware sd821 sd632 wcd9340_firmware mdm9330 sd850 apq8037_firmware sd_675_firmware qca6174a_firmware qca6564a_firmware sd855_firmware sd662_firmware wcd9371 mdm9650_firmware sdx50m qcs405_firmware qcn6024_firmware qcs6490 sdx55 sd460_firmware sd_455_firmware msm8956 mdm9628 wcn3610_firmware qcm4290_firmware msm8976sg sd450_firmware sd820 wcn3660b_firmware sm4375 msm8909w_firmware qet4101_firmware sd665_firmware wcd9360_firmware sdw2500 sdw2500_firmware qsw8573_firmware sd626 sd768g wcn6740_firmware wcn6856 sd626_firmware apq8009w_firmware sda429w_firmware sdx50m_firmware qca6390 sd480 wcd9330 wcn7851_firmware sw5100 mdm8215_firmware wcn6850 sa415m wcn3950 qcs603_firmware msm8608 qca6320_firmware qca6584au_firmware qcm6490 qcn6024 qca6174a wcd9335 sd7c_firmware sd670_firmware wcn3680b_firmware sd835 qca6421_firmware qca6574au_firmware sd662 mdm9250_firmware qcs610_firmware mdm9205 msm8956_firmware mdm9207_firmware qca6174 qcm2290_firmware wcd9380 mdm9630_firmware qcm4290 wcn3680 mdm9628_firmware sd660_firmware sd730_firmware sd695 qca6174_firmware wcd9375_firmware sd888 ar8035_firmware wcn6856_firmware aqt1000 mdm9230 qcs603 sdx12_firmware ar8035 wcn6855_firmware mdm8207 wcd9360 qca6420 sd780g_firmware wcn3680_firmware qcm2290 sdx65_firmware mdm9250 sa515m sd845_firmware mdm9206 sdxr1_firmware sa515m_firmware mdm9655 mdm9607_firmware wcn3990 apq8076 sd429 apq8076_firmware sd690_5g qca8081_firmware msm8920 wsa8835 wcn3998 wcd9306 apq8056_firmware qca8337_firmware mdm9206_firmware qcs2290 sd820_firmware sd7c wcd9385 sd678 qca6574au wcn7850_firmware sdx65 wcd9385_firmware mdm9640 apq8096au wcn6750_firmware qcs410_firmware sd210 sd680 sd888_5g sd678_firmware qcs6125 sm4375_firmware wcn3991 qca6574 csra6640_firmware qca6574_firmware sa415m_firmware qca6564a sd675_firmware qca6574a_firmware sd665 sda429w sd888_5g_firmware wsa8830_firmware qca6320 qca8337 sd_8_gen1_5g_firmware sm6250_firmware sdxr2_5g wcd9341 wcn3980_firmware qcs2290_firmware wcn6851_firmware wcd9326 sd680_firmware msm8937_firmware qca9377_firmware mdm8615m_firmware apq8096au_firmware sw5100_firmware qca6584 sd780g qca6564au_firmware csrb31024 qca6426 qca6335_firmware sdx55m_firmware qcs6125_firmware sdx57m_firmware sd690_5g_firmware sm8475 wcn3620 sd765 qcs605_firmware wcd9330_firmware wcn3988_firmware qcs4290 msm8209_firmware sw5100p mdm9615 sd_8cx_gen2 sd845 qcs410 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25694

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.95%

7 Day CHG~0.00%

Published-07 Mar, 2023 | 04:43

Updated-05 Mar, 2025 | 16:45

Use of Out-of-range Pointer Offset in MODEM

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Product-qca9377_firmware mdm9640_firmware sm6250p_firmware qcs610 qca8337 qca6431_firmware wcd9360_firmware sdx65 wcn3950_firmware sc8180x\+sdx55 qcs2290 qca6595au_firmware qca6335 msm8917 mdm8215 sd_455_firmware csra6620_firmware apq8076 qcs605_firmware sd_675_firmware csra6640_firmware qcs6125_firmware mdm8615m_firmware sd632 msm8108 sa415m wcn3998 wcd9371_firmware msm8108_firmware wcn3950 qcn6024_firmware sd720g sd_8cx_gen2_firmware mdm9206_firmware qsw8573_firmware mdm9628 sd_8_gen1_5g_firmware wcn3660b sd450_firmware sd710_firmware sd460_firmware mdm9230_firmware sm7315_firmware mdm8215m wcn7850 qca6574au_firmware mdm9630 wcd9375_firmware qca8081_firmware wcn3998_firmware sdx12_firmware msm8909w apq8009w_firmware qca6420 wcd9360 sd680_firmware qca9367_firmware mdm8207 sd_8cx_gen2 qcs6125 apq8056_firmware qca4004_firmware sd662_firmware mdm9615m qca6430 qcs405 qts110 wcd9306_firmware wcd9340 sd626_firmware sd765g qualcomm215_firmware sw5100 sd680 qca6436 wcn6851 qcs603_firmware wcn7851_firmware msm8937 apq8052 msm8209_firmware mdm9250_firmware wcn3660_firmware wcd9341 qca6431 qca6696_firmware wcd9371 sd870_firmware sd750g mdm8215_firmware wcn3910_firmware mdm9207_firmware qca4004 wsa8830_firmware mdm9330_firmware sd855_firmware sd660 sd865_5g_firmware snapdragon_4_gen_1 sd712 wcn3988 sd660_firmware wcn7850_firmware sm8475 msm8208_firmware wcn6750_firmware sd450 wcn3610 msm8608 mdm9640 wcn3991 qca8337_firmware sda429w_firmware wcd9380_firmware sdm429w sw5100p msm8996au_firmware wcd9330 sd625_firmware qca6564au sdx55m_firmware wcn6856_firmware msm8940_firmware qet4101_firmware msm8976_firmware qca6574 sd632_firmware sd670_firmware wcd9380 qualcomm215 mdm9230 qcs410 sd690_5g_firmware sdx50m_firmware qca9379_firmware sdx24_firmware sd626 qca6174 qca6430_firmware sd439_firmware wcd9335_firmware wcn3980 qca6335_firmware qsw8573 qcm4325_firmware qcs605 wcd9340_firmware wsa8815 wcn6850 sd7c wcn3910 msm8956_firmware qca6584_firmware qca6320 msm8937_firmware mdm9650_firmware mdm9215_firmware qca6426_firmware wcn3660b_firmware wcn3680 sd695 sd835 qcn9024 wcn3980_firmware sd730 wcd9330_firmware sdx55m qcc5100_firmware qca6421_firmware wcn6740_firmware ar6003_firmware sd821_firmware sd678_firmware wcn3680_firmware wcn6851_firmware qcs603 sd670 sd_636_firmware qcn9024_firmware qca6564a_firmware apq8009w msm8976sg_firmware sdx57m qcm4290_firmware sd480 sd870 wcn6855 sw5100p_firmware sd210_firmware qcs610_firmware sd695_firmware sdxr1 apq8096au qcs405_firmware mdm8207_firmware sdm630_firmware mdm9205_firmware qca6391_firmware sd820_firmware wcd9370_firmware sd780g_firmware sdx55 sd888_firmware sd675 csra6640 sdx70m sd439 qet4101 wcn3660 qca9379 ar8035_firmware qcm2290 wcn3991_firmware mdm9150_firmware wsa8830 sd678 qcs2290_firmware sd7c_firmware csrb31024 mdm9628_firmware snapdragon_4_gen_1_firmware mdm9650 sd_636 csra6620 qcs4290 mdm9250 sd765g_firmware qca6420_firmware qca6390_firmware apq8009_firmware sd690_5g qca6174_firmware sd730_firmware mdm9310_firmware wcd9370 sd675_firmware sd625 qca6426 qca6584au_firmware wcn3990_firmware apq8076_firmware qca9377 sdw2500_firmware wcd9385_firmware sdxr2_5g_firmware wcd9326_firmware mdm9615m_firmware wcn3615_firmware sd662 apq8037 qca6320_firmware qca6584 wcn3680b_firmware sdx55_firmware wcn3615 qca6595au sm7250p_firmware wcn3610_firmware qca6436_firmware mdm9207 wcd9306 qca6584au sd778g qca6564au_firmware msm8208 qca6310 wcn7851 sd429 sa515m_firmware qcs6490 sdxr2_5g qca9367 sdm630 mdm9607_firmware sd821 msm8976sg sa415m_firmware wcn3988_firmware sd205 sd429_firmware qca6421 sd778g_firmware sm6250 sd712_firmware apq8017_firmware wsa8810_firmware sd765_firmware wcd9326 wcd9335 sg4150p qca8081 qca6174a_firmware qcs4290_firmware wcd9385 mdm8615m qcs6490_firmware sdx70m_firmware qca6390 wcd9375 sd750g_firmware aqt1000 msm8956 msm8976 sc8180x\+sdx55_firmware sm6250_firmware ar8035 msm8952 apq8056 msm8917_firmware sda429w sd210 wcn3620_firmware sdx20_firmware wsa8815_firmware sd888_5g_firmware sd820 qcm6490 wcn6850_firmware wsa8835_firmware wcn3620 apq8017 qcx315 ar6003 qca6564a mdm9630_firmware sg4150p_firmware qcm6125_firmware qcm4325 qcm2290_firmware wcn3990 sd_675 sd780g sd865_5g qcc5100 sdx24 sd888 msm8952_firmware msm8909w_firmware qcx315_firmware wsa8835 msm8996au sdm429w_firmware sd665_firmware sd888_5g sm6250p qca6574a mdm9206 wcn6855_firmware qca6174a sm7325p qca6310_firmware wcn6750 apq8052_firmware mdm9615 mdm9205 sa515m qca6574_firmware sd855 sm7325p_firmware sd665 sdx57m_firmware sd765 qca6574a_firmware sd768g_firmware msm8209 sd850_firmware sm7315 apq8009 sd460 qca6391 sdxr1_firmware mdm9310 aqt1000_firmware msm8920 sdx65_firmware qcm4290 csrb31024_firmware qcm6490_firmware sdx50m sdx20 sd480_firmware msm8920_firmware mdm9215 sd_455 qca6574au sd710 mdm8215m_firmware mdm9607 sd205_firmware wcd9341_firmware qcm6125 wsa8810 mdm9150 wcn6856 wcn3680b sd835_firmware sd768g wcn6740 qca6696 sd845_firmware msm8608_firmware sdw2500 msm8940 apq8096au_firmware qcn6024 sd845 mdm9615_firmware apq8037_firmware sm7250p sd720g_firmware sdx12 sw5100_firmware qcs410_firmware mdm9330 sd850 qts110_firmware Snapdragon

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25723

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.09% / 26.24%

7 Day CHG~0.00%

Published-17 Oct, 2022 | 00:00

Updated-13 May, 2025 | 20:15

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile

Product-wcn6855 wsa8830 wcn6855_firmware sm8475 wcn7851_firmware wcn6856 wsa8830_firmware wcn7850_firmware wcn7850 wcn6856_firmware wsa8835 sd_8_gen1_5g_firmware wcd9380 wcn7851 wsa8835_firmware wcd9380_firmware Snapdragon Mobile

CWE ID-CWE-416

Use After Free

CVE-2022-25693

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.09% / 26.24%

7 Day CHG~0.00%

Published-16 Sep, 2022 | 05:25

Updated-03 Aug, 2024 | 04:42

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile

CWE ID-CWE-416

Use After Free

CVE-2022-25713

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 15.44%

7 Day CHG~0.00%

Published-02 May, 2023 | 05:08

Updated-03 Aug, 2024 | 04:49

Improper Restriction of Operations within the Bounds of a Memory Buffer in Automotive

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

Product-wsa8830 qca8337_firmware sa6150p_firmware wcd9380_firmware sa8145p_firmware qca8337 sd865_5g qca6431_firmware sm8350-ac_firmware wsa8835 sm7250-ac_firmware qca6574 sa8540p_firmware sd_8_gen1_5g wcd9380 sa8150p_firmware qca6595au_firmware qca6390_firmware sm8350 sxr2130 qca6574a wcn685x-5_firmware qca6426 wcn685x-1 snapdragon_8cx_gen_3_compute_platform__firmware sm8450 sm8250-ab wcn3998 wcd9385_firmware qam8295p sa9000p qca6574_firmware sd_8_gen1_5g_firmware sm7250-ab wsa8815 qsm8350_firmware qsm8350 qam8295p_firmware snapdragon_xr2_5g_platform_firmware qca6426_firmware sa9000p_firmware snapdragon_x55_5g_modem-rf_system qca6574a_firmware qca6574au_firmware qca6595au wcn3998_firmware qca8081_firmware snapdragon_x55_5g_modem-rf_system_firmware sm7250p_firmware sm8250-ab_firmware qca6391 qca6436_firmware sa8295p qca6421_firmware sa6155p_firmware snapdragon_x65_5g_modem-rf_system_firmware snapdragon_xr2_5g_platform snapdragon_x65_5g_modem-rf_system qca6698aq sa4155p_firmware sm8350_firmware wcn685x-5 sm8250_firmware sm7250-ab_firmware sm8250-ac qca6574au sa6145p_firmware sa8155p_firmware qca6421 sm7250-aa sa8195p wsa8810_firmware sm8450_firmware wsa8810 sm7250-aa_firmware qca6436 sa6155p sa8540p sm7250-ac qca8081 qca6698aq_firmware sa6145p sm8350-ac wcn685x-1_firmware wcd9385 sxr2130_firmware qca6431 qca6696_firmware sa8145p qca6696 qca6391_firmware sa4150p_firmware qca6390 ar8035 sa8150p sa6150p sa8155p sm8250-ac_firmware wsa8830_firmware sm8250 sd865_5g_firmware wsa8815_firmware wsa8835_firmware sm7250p snapdragon_8cx_gen_3_compute_platform_sa8195p_firmware sa8295p_firmware sa4155p sa4150p ar8035_firmware Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25661

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.08% / 25.51%

7 Day CHG~0.00%

Published-12 Oct, 2022 | 00:00

Updated-15 May, 2025 | 15:15

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qcs605 wcn6855_firmware qca6391_firmware sd888_5g_firmware sd850 qca6574_firmware sdx50m_firmware ar8035 qca6430 sa8155 wcn7850_firmware sdx24_firmware wcd9375_firmware sd855_firmware sa8540p_firmware wcn3990 qca6174a_firmware wsa8835_firmware qca6696_firmware qca8337 sa6145p qca6431_firmware wcn6855 qam8295p wsa8830 qca6696 sm8475 sdx65 sd778g_firmware sm7325p qsm8350_firmware qca6420 sa6155p wcn3998_firmware wcn6750_firmware sdx55 qca6390_firmware sm7250p ar8035_firmware wcn6740_firmware sd765 sdx55_firmware qca6574a_firmware wcd9385_firmware qca8081_firmware wcn3950_firmware qcs605_firmware sdx24 sdxr2_5g_firmware qca6436_firmware wsa8815_firmware qcm6490 sd678 sdx57m_firmware sa6145p_firmware sa9000p qca6430_firmware qca6595 sd675_firmware wcd9370_firmware aqt1000 qca6391 wcn3991_firmware sa8295p qca6174a sa8295p_firmware wsa8835 sm7250p_firmware wcn6851_firmware sd768g_firmware wcn3980_firmware sm7315_firmware qca6574a wcn6750 qca6564a qcn9012_firmware qrb5165m sdx65_firmware qca6595au wcn6851 qcn9012 qcs6490_firmware sd865_5g wcd9340_firmware wcn6850_firmware sd865_5g_firmware qca6564au_firmware qca9377_firmware wsa8830_firmware wcd9341 sd845_firmware wcn3991 wcn3998 wcn6856_firmware qca6574au sd888_firmware sm7315 wcn3990_firmware sdx55m wcd9341_firmware qcs603_firmware sd670 qca6420_firmware qca6564au sd_675 sa9000p_firmware wsa8815 sd850_firmware sd_8cx_gen3 wcd9326 wcn6856 wcn6740 qca6564a_firmware wcn7850 sd_8_gen1_5g_firmware qca6426 wcd9380 qrb5165n qcn9011_firmware qrb5165_firmware sa8155p_firmware qsm8350 sd_8cx_firmware sd780g_firmware qca8337_firmware sd870_firmware wcd9326_firmware qcn9011 sd_8cx_gen3_firmware qca6574 sd_8cx_gen2_firmware sd870 sd765_firmware wcn7851_firmware sdx57m qca6426_firmware sd845 qrb5165n_firmware qcs6490 sd778g qam8295p_firmware sd_675_firmware sd768g wsa8810 qca6335 wcn6850 sd855 sd_8cx_gen2 qca6310_firmware wcd9380_firmware sd678_firmware sd888_5g sa8155_firmware sd670_firmware sd780g qca6335_firmware qca6390 qca6421 qrb5165 sa6155 qca6595au_firmware qcm6490_firmware wsa8810_firmware qca6310 sdx55m_firmware wcd9375 wcd9370 sa8150p_firmware wcn7851 qrb5165m_firmware wcd9340 qca6436 qca9377 wcd9385 sa6155p_firmware sd_8cx sa8150p sd765g wcn3950 qca6595_firmware qcs603 sdxr2_5g sa6155_firmware aqt1000_firmware sd888 sdx50m qca6431 sd675 wcn3980 sm7325p_firmware qca8081 qca6574au_firmware sa8155p sa8540p qca6421_firmware sd765g_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25655

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.95%

7 Day CHG~0.00%

Published-07 Mar, 2023 | 04:43

Updated-03 Aug, 2024 | 04:42

Buffer copy without checking the size of input in WLAN HAL.

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Product-qca9377_firmware mdm9640_firmware sm6250p_firmware sa6150p_firmware qcs610 ipq4028_firmware qcn5550 ar9380 ipq8173_firmware wcd9360_firmware qca9561_firmware qcn5124 qca4024_firmware msm8992_firmware wcn3950_firmware sc8180x\+sdx55 ipq8078a ipq5028_firmware sa8150p_firmware qcs2290 qca6595au_firmware sa6155 qca6335 qcn5064 mdm8215 sd_455_firmware csra6620_firmware apq8076 qcs605_firmware sd_675_firmware csra6640_firmware qcs6125_firmware qca9987_firmware sa415m wcn3998 qca6554a_firmware wcd9371_firmware wcn3950 qcn6024_firmware sd720g sm4125 mdm9206_firmware sd_8cx_gen2_firmware ipq8076a mdm9628 wcn3660b sd710_firmware sd460_firmware qca4020 qca6428 qca6574au_firmware qcn5164_firmware ipq8071 wcd9375_firmware qca8081_firmware wcn3998_firmware sa6155_firmware qca6420 wcd9360 sdx20m qca6438_firmware qca9986 sd680_firmware ipq8070_firmware qca9367_firmware ipq8065 ipq8078a_firmware wcn3999 sd_8cx_gen2 ipq5028 qca7500 ipq8072_firmware ipq4029_firmware qcs6125 sa8155_firmware ipq6010 sd662_firmware ipq8068 qcs405 qca6430 wcd9340 qcn6132 sd765g qca1990_firmware sw5100 sd680 qca4020_firmware sa6155p qcs603_firmware mdm9250_firmware qca9888_firmware qcn6122 wcd9341 ipq8068_firmware qca6696_firmware wcd9371 sd750g qcn5154_firmware mdm8215_firmware wcn3910_firmware sd_8cx sa8150p qfe1922 wsa8830_firmware mdm9330_firmware qca9992_firmware sd660 sd855_firmware snapdragon_4_gen_1 sd712 wcn3988 qca6438 sd660_firmware sa8195p_firmware qcn5121 qcn5022_firmware qca9898 ipq4028 qca4010_firmware wcn3610 mdm9640 qca6428_firmware ipq5018_firmware qca9985_firmware wcn3991 ipq4018_firmware wcd9380_firmware ipq8072a qca7500_firmware qca9980_firmware sw5100p msm8996au_firmware wcd9330 ipq8076a_firmware ipq8078 qca6564au sdx55m_firmware ipq8173 qcn5164 qca9558 msm8976_firmware qca6574 sd670_firmware csr8811_firmware wcd9380 qcn5054_firmware qcs410 qcn5024 sd690_5g_firmware ipq4019_firmware sdx50m_firmware qca9379_firmware qca9985 qcn9012_firmware qca6174 qca6430_firmware qcn5052_firmware wcd9335_firmware wcn3980 qca6335_firmware ipq6018_firmware qcm4325_firmware qcs605 wcd9340_firmware wsa8815 sd7c wcn3910 qca6320 qca6584_firmware mdm9650_firmware qca9986_firmware mdm9215_firmware wcn3660b_firmware sd695 ipq6028 ipq8064 sd835 qca9984 qcn9024 qca1990 wcn3980_firmware sd730 qcn5550_firmware wcd9330_firmware sdx55m ipq8064_firmware qcc5100_firmware qcn5064_firmware sd678_firmware ar8031_firmware ipq8078_firmware qcn5054 qcs603 ipq8070 qca9994 qca6164_firmware qca9887_firmware qca9980 sd670 qcn9024_firmware ipq8174_firmware sd_636_firmware qca6564a_firmware qca9880 qcm4290_firmware sd480 qcn5121_firmware sw5100p_firmware qcs610_firmware apq8084_firmware sa6145p ipq6018 qca9886_firmware sd695_firmware sdxr1 ar8031 apq8096au qca6595_firmware qcs405_firmware sa8145p qca6164 sdm630_firmware sd820_firmware qca6391_firmware qca4024 wcd9370_firmware sdx55 qcn5021_firmware sa8155p csra6640 sd675 qca9531_firmware qca9379 qcm2290 qcn5024_firmware wcn3991_firmware wsa8830 sd678 qca9561 qcn9070 sa8145p_firmware qcs2290_firmware sd7c_firmware csrb31024 mdm9628_firmware snapdragon_4_gen_1_firmware mdm9650 sd_636 csra6620 qca9987 qcn9072 qca9880_firmware qca9992 qcs4290 mdm9250 sd765g_firmware qca6420_firmware ipq8069_firmware apq8009_firmware qca6390_firmware sd690_5g ipq6000 qca6174_firmware mdm9310_firmware sd730_firmware sd675_firmware wcd9370 ipq8072 qcn5152_firmware qca6564 qca6584au_firmware wcn3990_firmware apq8076_firmware qcn9000_firmware qca9984_firmware qca9377 ipq5018 sd_8cx_firmware wcd9385_firmware wcd9326_firmware wcn3615_firmware ipq8074a sd662 qcn5124_firmware qca9982 qfe1952_firmware apq8094 sa8155 qca6320_firmware qca6584 wcn3680b_firmware qcn5122_firmware sdx55_firmware wcn3615 qcn6023_firmware qca6595au wcn3999_firmware sm7250p_firmware wcn3610_firmware ipq5010 qca6564au_firmware qca6584au sa6155p_firmware qfe1952 qca6310 ipq8174 sa515m_firmware qca9990 qcn5052 qca9367 mdm9235m_firmware apq8092 apq8084 sdm630 mdm9607_firmware sa415m_firmware wcn3988_firmware msm8994_firmware qcn9074 sa6145p_firmware msm8992 sm6250 sd712_firmware sa8195p apq8017_firmware wsa8810_firmware sd765_firmware wcd9326 wcd9335 qca4010 sg4150p qca8081 qca9982_firmware qcn6023 ipq8071a qca6174a_firmware ipq8071a_firmware qcs4290_firmware wcd9385 qca6390 qca9898_firmware sd750g_firmware aqt1000 msm8976 wcd9375 sc8180x\+sdx55_firmware sm6250_firmware csr8811 ipq4019 qcn9100_firmware msm8994 apq8092_firmware ipq5010_firmware ipq8074a_firmware wsa8815_firmware sd820 wsa8835_firmware apq8017 qca6564a mdm9235m sg4150p_firmware qcm6125_firmware qcm4325 qca9882 qcm2290_firmware mdm9635m_firmware wcn3990 qcn9000 sd_675 qca6554a qca6595 ar9380_firmware qcc5100 qcn9012 qca9558_firmware qcn6122_firmware ipq8065_firmware wsa8835 msm8996au sd665_firmware sm6250p qcn5154 qca8075_firmware ipq4018 qca6574a ipq6005_firmware mdm9206 qca9889 qca6174a qcn6132_firmware qca9888 qca6310_firmware ipq8074 apq8094_firmware qca9994_firmware mdm9635m ipq8070a_firmware mdm9615 ipq8076_firmware sa515m qca6574_firmware qca9886 sd855 sm4125_firmware sd665 ipq8076 qfe1922_firmware qca6175a sd765 qca9887 qca6574a_firmware qcn5021 ipq8069 qcn5152 sd768g_firmware sd850_firmware apq8009 sd460 qca6391 sdxr1_firmware mdm9310 ipq6005 aqt1000_firmware qcn9100 qcm4290 csrb31024_firmware sdx50m qca9882_firmware qcn9070_firmware sd480_firmware ipq6028_firmware ipq8072a_firmware mdm9215 sd_455 qca9531 ipq8074_firmware qca6574au qca9889_firmware sd710 mdm9607 qcn5122 sa8155p_firmware wcd9341_firmware sdx20m_firmware qcm6125 wsa8810 qcn5022 wcn3680b sd835_firmware qca6564_firmware sd768g ipq6010_firmware qca6696 sd845_firmware sa6150p qca8075 qcn9022_firmware apq8096au_firmware qcn6024 qcn9022 sd845 mdm9615_firmware qca9990_firmware ipq8070a qcn9072_firmware sm7250p ipq6000_firmware sd720g_firmware ipq8071_firmware qcn9074_firmware qcs410_firmware sw5100_firmware mdm9330 ipq4029 qca6175a_firmware sd850 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-25660

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.51%

7 Day CHG~0.00%

Published-12 Oct, 2022 | 00:00

Updated-15 May, 2025 | 15:15

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qcs605 wcn6855_firmware qca6391_firmware sd888_5g_firmware sd850 qca6574_firmware sdx50m_firmware ar8035 qca6430 sa8155 wcn7850_firmware sdx24_firmware wcd9375_firmware sd855_firmware sa8540p_firmware wcn3990 qca6174a_firmware wsa8835_firmware qca6696_firmware qca8337 sa6145p qca6431_firmware wcn6855 qam8295p wsa8830 qca6696 sm8475 sdx65 sd778g_firmware sm7325p qsm8350_firmware qca6420 sa6155p wcn3998_firmware wcn6750_firmware sdx55 qca6390_firmware sm7250p ar8035_firmware wcn6740_firmware sd765 sdx55_firmware qca6574a_firmware wcd9385_firmware qca8081_firmware wcn3950_firmware qcs605_firmware sdx24 sdxr2_5g_firmware qca6436_firmware wsa8815_firmware qcm6490 sd678 sdx57m_firmware sa6145p_firmware sa9000p qca6430_firmware qca6595 sd675_firmware wcd9370_firmware aqt1000 qca6391 wcn3991_firmware sa8295p qca6174a sa8295p_firmware wsa8835 sm7250p_firmware wcn6851_firmware sd768g_firmware wcn3980_firmware sm7315_firmware qca6574a wcn6750 qca6564a sdx65_firmware qca6595au wcn6851 qcs6490_firmware sd865_5g wcd9340_firmware wcn6850_firmware sd865_5g_firmware qca6564au_firmware qca9377_firmware wsa8830_firmware wcd9341 sd845_firmware wcn3991 wcn3998 wcn6856_firmware qca6574au sd888_firmware sm7315 wcn3990_firmware sdx55m wcd9341_firmware qcs603_firmware sd670 qca6420_firmware qca6564au sd_675 sa9000p_firmware wsa8815 sd850_firmware sd_8cx_gen3 wcd9326 wcn6856 wcn6740 qca6564a_firmware wcn7850 sd_8_gen1_5g_firmware qca6426 wcd9380 sa8155p_firmware qsm8350 sd_8cx_firmware sd780g_firmware qca8337_firmware sd870_firmware wcd9326_firmware sd_8cx_gen3_firmware qca6574 sd_8cx_gen2_firmware sd870 sd765_firmware wcn7851_firmware sdx57m qca6426_firmware sd845 qcs6490 sd778g qam8295p_firmware sd_675_firmware sd768g wsa8810 qca6335 wcn6850 sd855 sd_8cx_gen2 qca6310_firmware wcd9380_firmware sd678_firmware sd888_5g sa8155_firmware sd670_firmware sd780g qca6335_firmware qca6390 qca6421 sa6155 qca6595au_firmware qcm6490_firmware wsa8810_firmware qca6310 sdx55m_firmware wcd9375 wcd9370 sa8150p_firmware wcn7851 wcd9340 qca6436 qca9377 wcd9385 sa6155p_firmware sd_8cx sa8150p sd765g wcn3950 qca6595_firmware qcs603 sdxr2_5g sa6155_firmware aqt1000_firmware sd888 sdx50m qca6431 sd675 wcn3980 sm7325p_firmware qca8081 qca6574au_firmware sa8155p sa8540p qca6421_firmware sd765g_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-415

Double Free

CVE-2022-25743

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.97%

7 Day CHG~0.00%

Published-15 Nov, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables