ByteOS

Product:Multiple Chipsets

Added At:05 Dec, 2023

Due At:26 Dec, 2023

Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability

Used in Ransomware

Unknown

CWE

CWE-823

Required Action:

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Additional Notes:

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/1e46e81dbeb69aafd5842ce779f07e617680fd58; https://nvd.nist.gov/vuln/detail/CVE-2023-33106

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:qualcomm

Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f

Published At:05 Dec, 2023 | 03:04

Updated At:30 Jul, 2025 | 01:37

▼CVE Numbering Authority (CNA)

Use of Out-of-range Pointer Offset in Graphics

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

Affected Products

Vendor

Product

Snapdragon

Platforms

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Wearables

Default Status

unaffected

Versions

Affected

AR8035
CSRA6620
CSRA6640
FastConnect 6200
FastConnect 6700
FastConnect 6800
FastConnect 6900
FastConnect 7800
Flight RB5 5G Platform
QAM8255P
QAM8295P
QAM8650P
QAM8775P
QCA6174A
QCA6391
QCA6426
QCA6436
QCA6574
QCA6574A
QCA6574AU
QCA6595
QCA6595AU
QCA6696
QCA6698AQ
QCA6797AQ
QCA8081
QCA8337
QCA9377
QCM2290
QCM4290
QCM4325
QCM4490
QCM5430
QCM6490
QCM8550
QCN6024
QCN9011
QCN9012
QCN9024
QCS2290
QCS410
QCS4290
QCS4490
QCS5430
QCS610
QCS6490
QCS7230
QCS8250
QCS8550
QRB5165M
QRB5165N
Qualcomm 215 Mobile Platform
Qualcomm Video Collaboration VC1 Platform
Qualcomm Video Collaboration VC3 Platform
Qualcomm Video Collaboration VC5 Platform
Robotics RB5 Platform
SA4150P
SA4155P
SA6145P
SA6150P
SA6155P
SA8145P
SA8150P
SA8155P
SA8195P
SA8255P
SA8295P
SA8770P
SA8775P
SA9000P
SD 8 Gen1 5G
SD660
SD865 5G
SD888
SG4150P
SG8275P
SM4125
SM7250P
SM7315
SM7325P
SM8550P
Smart Audio 400 Platform
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 4 Gen 2 Mobile Platform
Snapdragon 439 Mobile Platform
Snapdragon 460 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 660 Mobile Platform
Snapdragon 662 Mobile Platform
Snapdragon 680 4G Mobile Platform
Snapdragon 685 4G Mobile Platform (SM6225-AD)
Snapdragon 690 5G Mobile Platform
Snapdragon 695 5G Mobile Platform
Snapdragon 750G 5G Mobile Platform
Snapdragon 765 5G Mobile Platform (SM7250-AA)
Snapdragon 765G 5G Mobile Platform (SM7250-AB)
Snapdragon 768G 5G Mobile Platform (SM7250-AC)
Snapdragon 778G 5G Mobile Platform
Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
Snapdragon 780G 5G Mobile Platform
Snapdragon 782G Mobile Platform (SM7325-AF)
Snapdragon 7c+ Gen 3 Compute
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
Snapdragon 865 5G Mobile Platform
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
Snapdragon 870 5G Mobile Platform (SM8250-AC)
Snapdragon 888 5G Mobile Platform
Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
Snapdragon AR2 Gen 1 Platform
Snapdragon Auto 5G Modem-RF
Snapdragon W5+ Gen 1 Wearable Platform
Snapdragon X12 LTE Modem
Snapdragon X55 5G Modem-RF System
Snapdragon X65 5G Modem-RF System
Snapdragon XR2 5G Platform
Snapdragon XR2+ Gen 1 Platform
SSG2115P
SSG2125P
SW5100
SW5100P
SXR1230P
SXR2130
SXR2230P
WCD9326
WCD9335
WCD9341
WCD9370
WCD9375
WCD9380
WCD9385
WCD9390
WCD9395
WCN3615
WCN3660B
WCN3680B
WCN3910
WCN3950
WCN3980
WCN3988
WCN3990
WCN6740
WSA8810
WSA8815
WSA8830
WSA8832
WSA8835
WSA8840
WSA8845
WSA8845H

Problem Types

Type	CWE ID	Description
CWE	CWE-823	CWE-823 Use of Out-of-range Pointer Offset

Type: CWE

CWE ID: CWE-823

Description: CWE-823 Use of Out-of-range Pointer Offset

Metrics

Version	Base score	Base severity	Vector
3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin	N/A

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Affected Products

Vendor

Product

ar8035_firmware

CPEs

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

csra6620_firmware

CPEs

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

csra6640_firmware

CPEs

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

fastconnect_6200_firmware

Product

CPEs

cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

fastconnect_6700_firmware

Product

CPEs

cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

fastconnect_6800_firmware

Product

CPEs

cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

fastconnect_6900_firmware

Product

CPEs

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

fastconnect_7800_firmware

Product

CPEs

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

flight_rb5_5g_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qam8255p_firmware

CPEs

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qam8295p_firmware

CPEs

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qam8650p_firmware

CPEs

cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qam8775p_firmware

CPEs

cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6174a_firmware

CPEs

cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6391_firmware

CPEs

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6426_firmware

CPEs

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6436_firmware

CPEs

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6574_firmware

CPEs

cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6574a_firmware

CPEs

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6574au_firmware

CPEs

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6595_firmware

CPEs

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6595au_firmware

CPEs

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6696_firmware

CPEs

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6698aq_firmware

CPEs

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca6797aq_firmware

CPEs

cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca8081_firmware

CPEs

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca8337_firmware

CPEs

cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qca9377_firmware

CPEs

cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm2290_firmware

CPEs

cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm4290_firmware

CPEs

cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm4325_firmware

CPEs

cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm4490_firmware

CPEs

cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm5430_firmware

CPEs

cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm6490_firmware

CPEs

cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcm8550_firmware

CPEs

cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcn6024_firmware

CPEs

cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcn9011_firmware

CPEs

cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcn9012_firmware

CPEs

cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcn9024_firmware

CPEs

cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs2290_firmware

CPEs

cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs410_firmware

CPEs

cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs4290_firmware

CPEs

cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs4490_firmware

CPEs

cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs5430_firmware

CPEs

cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs610_firmware

CPEs

cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs6490_firmware

CPEs

cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs7230_firmware

CPEs

cpe:2.3:o:qualcomm:qcs7230_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs8250_firmware

CPEs

cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qcs8550_firmware

CPEs

cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qrb5165m_firmware

CPEs

cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

qrb5165n_firmware

CPEs

cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

qualcomm_215_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:qualcomm_215_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

qualcomm_video_collaboration_vc1_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

qualcomm_video_collaboration_vc3_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

qualcomm_video_collaboration_vc5_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc5_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

robotics_rb5_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa4150p_firmware

CPEs

cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa4155p_firmware

CPEs

cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa6145p_firmware

CPEs

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa6150p_firmware

CPEs

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa6155p_firmware

CPEs

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8145p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8150p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8155p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8195p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8255p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8295p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8770p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa8775p_firmware

CPEs

cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sa9000p_firmware

CPEs

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sd_8_gen1_5g_firmware

CPEs

cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sd660_firmware

CPEs

cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sd865_5g_firmware

CPEs

cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sd888_firmware

CPEs

cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sg4150p_firmware

CPEs

cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sg8275p_firmware

CPEs

cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sm4125_firmware

CPEs

cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sm7250p_firmware

CPEs

cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sm7315_firmware

CPEs

cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sm7325p_firmware

CPEs

cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sm8550p_firmware

CPEs

cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

smart_audio_400_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_4_gen_1_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_4_gen_2_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_439_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_439_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_460_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_480_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_660_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_662_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_680_4g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_690_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_695_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_750g_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_778g_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_780g_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_8_gen_1_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_8_gen_2_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_865_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_888_5g_mobile_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_ar2_gen_1_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_auto_5g_modem-rf_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_x12_lte_modem_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_x12_lte_modem_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_x55_5g_modem-rf_system_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_x65_5g_modem-rf_system_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

snapdragon_xr2_5g_platform_firmware

Product

CPEs

cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

ssg2115p_firmware

CPEs

cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

ssg2125p_firmware

CPEs

cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sw5100_firmware

CPEs

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sw5100p_firmware

CPEs

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sxr1230p_firmware

CPEs

cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sxr2130_firmware

CPEs

cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

sxr2230p_firmware

CPEs

cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9326_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9335_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9341_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9370_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9375_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9380_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9385_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9390_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcd9395_firmware

CPEs

cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3615_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3660b_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3680b_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3910_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3950_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3980_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3988_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn3990_firmware

CPEs

cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wcn6740_firmware

CPEs

cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8810_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8815_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8830_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8832_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8835_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8840_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8845_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Vendor

Product

wsa8845h_firmware

CPEs

cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through * (custom)

Metrics Other Info

kev

dateAdded:

2023-12-05

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-33106

Timeline

Event	Date
CVE-2023-33106 added to CISA KEV	2023-12-05 00:00:00

Event: CVE-2023-33106 added to CISA KEV

Date: 2023-12-05 00:00:00

2. CVE Program Container

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin	x_transferred

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Resource:

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:product-security@qualcomm.com

Published At:05 Dec, 2023 | 03:15

Updated At:11 Aug, 2025 | 15:06

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2023-12-05	2023-12-26	Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability	Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Date Added: 2023-12-05

Due Date: 2023-12-26

Vulnerability Name: Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability

Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CPE Matches

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

>>ar8035_firmware>>-

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

>>ar8035>>-

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

>>csra6620_firmware>>-

cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

>>csra6620>>-

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

>>csra6640_firmware>>-

cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

>>csra6640>>-

cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*

>>fastconnect_6200_firmware>>-

cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*

>>fastconnect_6200>>-

cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*

>>fastconnect_6700_firmware>>-

cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*

>>fastconnect_6700>>-

cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*

>>fastconnect_6800_firmware>>-

cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*

>>fastconnect_6800>>-

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

>>fastconnect_6900_firmware>>-

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

>>fastconnect_6900>>-

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

>>fastconnect_7800_firmware>>-

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

>>fastconnect_7800>>-

cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*

>>flight_rb5_5g_platform>>-

cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*

>>flight_rb5_5g_platform_firmware>>-

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

>>qam8255p_firmware>>-

cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

>>qam8255p>>-

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

>>qam8295p_firmware>>-

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

>>qam8295p>>-

cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*

>>qam8650p_firmware>>-

cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*

>>qam8650p>>-

cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*

>>qam8775p_firmware>>-

cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*

>>qam8775p>>-

cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*

>>qca6174a_firmware>>-

cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

>>qca6174a>>-

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

>>qca6391_firmware>>-

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

>>qca6391>>-

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

>>qca6426_firmware>>-

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

>>qca6426>>-

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

>>qca6436_firmware>>-

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

>>qca6436>>-

cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*

>>qca6574_firmware>>-

cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*

>>qca6574>>-

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

>>qca6574a_firmware>>-

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

>>qca6574a>>-

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

>>qca6574au_firmware>>-

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

>>qca6574au>>-

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

>>qca6595_firmware>>-

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

>>qca6595>>-

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

>>qca6595au_firmware>>-

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

>>qca6595au>>-

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

>>qca6696_firmware>>-

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

>>qca6696>>-

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

>>qca6698aq_firmware>>-

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

>>qca6698aq>>-

cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*

>>qca6797aq_firmware>>-

cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*

>>qca6797aq>>-

Weaknesses

CWE ID	Type	Source
CWE-823	Secondary	product-security@qualcomm.com
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-823

Type: Secondary

Source: product-security@qualcomm.com

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin	product-security@qualcomm.com	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Source: product-security@qualcomm.com

Resource:

Patch

Vendor Advisory

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Patch

Vendor Advisory

Similar CVEs

1402Records found

CVE-2017-8245

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.13%

7 Day CHG~0.00%

Published-12 May, 2017 | 20:00

Updated-20 Apr, 2025 | 01:37

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-53033

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.79%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-07 Mar, 2025 | 11:47

Untrusted Pointer Dereference in DSP_Services

Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Product-wcd9380_firmware sc8380xp sc8380xp_firmware fastconnect_6900 fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wcd9385_firmware fastconnect_7800 wsa8845h_firmware wcd9380 wsa8845h wsa8845_firmware wsa8840 wcd9385 wsa8845 Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-49840

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.66%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 16:02

Use of Out-of-range Pointer Offset in WLAN Windows Host

Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-45573

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.79%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-12 Feb, 2025 | 20:51

Use of Out-of-range Pointer Offset in Display

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-45584

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.79%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 16:01

Untrusted Pointer Dereference in Automotive Android OS

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-43053

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.59%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:29

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Product-fastconnect_7800 qca2062_firmware qca2066 wcd9380_firmware sdm429w wsa8840_firmware fastconnect_6900 fastconnect_6900_firmware sc8380xp_firmware wsa8840 sdm429w_firmware fastconnect_6700_firmware snapdragon_7c\+_gen_3_compute wcd9380 fastconnect_7800_firmware wsa8845h fastconnect_6700 qca2064_firmware qca2062 wcd9385 qca2066_firmware qca2065_firmware qcc2076_firmware wcd9385_firmware wsa8845 snapdragon_429_mobile_platform qcc2073_firmware qca2064 wcn3660b qca2065 qcc2076 wsa8845_firmware wcn3620_firmware snapdragon_7c\+_gen_3_compute_firmware wcn3660b_firmware sc8380xp snapdragon_429_mobile_platform_firmware wcn3620 wsa8845h_firmware qcc2073 Snapdragon qca2062_firmware wcd9380_firmware qca2066_firmware qca2065_firmware qcc2076_firmware wsa8840_firmware wcd9385_firmware fastconnect_6900_firmware qcc2073_firmware sc8380xp_firmware wsa8845_firmware wcn3620_firmware sdm429w_firmware fastconnect_6700_firmware wcn3660b_firmware snapdragon_429_mobile_platform_firmware fastconnect_7800_firmware wsa8845h_firmware qca2064_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-11288

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.69%

7 Day CHG~0.00%

Published-07 May, 2021 | 09:10

Updated-04 Aug, 2024 | 11:28

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Product-qfs2580 qca9377_firmware qpm5679_firmware sm6250p_firmware qca8337 qfs2608_firmware qfs2530 qpm8870_firmware qpa8688 pm6125 qat5522_firmware wcn3950_firmware pm8150a sc8180x\+sdx55 qdm5670 qca6595au_firmware qpm5541_firmware qpa5581_firmware sa6155 pm7150l qpa8821 pm8998_firmware wtr5975_firmware qcs6125_firmware pm456_firmware qpa5580_firmware sa415m wcn3998 wcd9371_firmware wcn3950 sm4125 sd720g qsw8573_firmware qsm8350_firmware qsw8574_firmware qsm8350 sd460_firmware smb2351_firmware sd6905g qpa4360_firmware wcn3998_firmware pm855p qca6420 pm6150a qpm6670_firmware pm660_firmware pm8150b sa8155_firmware qca4004_firmware qca6430 qat3522 pmr735a wcd9306_firmware wcd9340 sd765g sdr660 qfs2630_firmware sdr865 qdm5620_firmware smr545 qca6696_firmware qln5020 wcd9371 sd870_firmware pmm855au_firmware sa8150p pm6350 qdm5621 qtc800s qca4004 qet6105 sd712 pm640p_firmware wcn6750_firmware qat5516_firmware pm6150l sd8885g pm855l_firmware qtc410s wcn3991 qpa8801 pm8150l_firmware qat5533_firmware sdx55m_firmware sdxr25g qpa8673_firmware pm6150 smb1354_firmware sd670_firmware qca6574 qfs2630 qpa8842 sdr052_firmware wcd9380 qcs410 qpm5579_firmware smb1380_firmware pmk8350_firmware smb1381 pm855p_firmware pm7250 qpa8803 sdx24_firmware sdxr25g_firmware qdm2301 wcd9340_firmware wsa8815 wcn6850 qdm5621_firmware qdm2301_firmware qpm6375 wcn3980_firmware sd730 pm660l_firmware pm6250_firmware pm8008 pm8350b_firmware qtm525_firmware pme605_firmware pme605 sd678_firmware qpm5621_firmware qln1021aq_firmware qcs603 qpa6560_firmware qpa8802_firmware qln4640_firmware qpm5621 qpm6582 sd670 pm8009_firmware qfs2580_firmware qcm4290_firmware wcn6855 pm8150l pmi8998_firmware qcs610_firmware sa6145p sdr105 pm4250 ar8031 qpm5577 wtr2965 mdm9205_firmware qca6391_firmware sa2150p pm8150 wcd9370_firmware qat3516_firmware sdx55 csra6640 qat3555_firmware qpa8803_firmware pm855b smb2351 qln1031 qsm8250_firmware qpm5870 wsa8830 pm660 qet6110_firmware qpm6325 pm6125_firmware qbt1500 qpa5581 csrb31024 pmx24_firmware fsm10055_firmware qbt1500_firmware qpm5870_firmware qcs4290 qet6100 pmm855au qca6420_firmware smb1396 pm7150a sd675_firmware pm8350 qca6564 qpa4361_firmware pm8350c_firmware qpa5461_firmware qca6426 wcn3990_firmware qca9377 qpm5641 wcd9385_firmware qdm5650_firmware wcd9326_firmware pm7250_firmware qdm5620 qln1021aq smb1380 pmk8002_firmware qsw6310_firmware sa8155 qln1031_firmware qdm4650_firmware sdx55_firmware pmm6155au_firmware qat5533 sm7250p_firmware qsm7250_firmware qpm6670 pm7150l_firmware wcd9306 qca6584au qpm4641 qat5515_firmware pm855 qpm8830_firmware pm8250 qdm4643 qfs2530_firmware sa415m_firmware pmx55 qpm4641_firmware wcn3988_firmware pm8150c_firmware qca6421 qdm3301 qpa8842_firmware qat3519_firmware sa8195p sdr735_firmware qpm5677 qat5515 wcd9326 wcd9335 pm6350_firmware pm8004_firmware sdr8150_firmware qcs4290_firmware qtc800h_firmware qpm5620 qpm4630 qca6390 wcd9375 sd750g_firmware aqt1000 sc8180x\+sdx55_firmware pmm8195au sm6250_firmware qln4642 qpm5677_firmware wsa8815_firmware wtr3925_firmware smr525_firmware pm8998 qpm8820_firmware qpm6621_firmware pm670a_firmware qcm6125_firmware pmx55_firmware qca6595 pm8150_firmware smb1398_firmware qpm8830 qat5522 pm8150c pmr735b sd665_firmware qpa4360 pmk8003_firmware qpa4361 qpm4640_firmware wcn6855_firmware qpm5577_firmware qdm5679_firmware pm8350c smr525 qca6310_firmware pm6150l_firmware pmr525 pm8150a_firmware qca6574_firmware qln1036aq_firmware sd665 pm6150a_firmware pm6150_firmware qca6175a sd765 qca6574a_firmware qpm4630_firmware qat3555 sd850_firmware qpa5461 sd8c_firmware wtr2965_firmware pm670_firmware csrb31024_firmware qfs2608 sd480_firmware qln1036aq qtc801s qpm5641_firmware sd710 pm8008_firmware qpm6621 pmr735a_firmware pmx50 qca6564_firmware sdr8250 sd768g pm8004 pm640l pmk8002 sd845 qcs410_firmware qca6175a_firmware qpa5580 qpm5579 fsm10055 sa6150p_firmware qcs610 qpm5620_firmware qdm2307 qca6431_firmware qpa8802 wcd9360_firmware qpm6585_firmware qat3519 qbt2000_firmware qtc800h sa8150p_firmware qcs2290 sdr8250_firmware qca6335 csra6620_firmware qcs605_firmware smr546_firmware qdm5671 csra6640_firmware pmc1000h qpm4650_firmware qat3518 sd8c sdr425_firmware smr526_firmware pm640a_firmware wgr7640_firmware qdm2305_firmware qpm5670_firmware sd710_firmware qdm5652 qca6574au_firmware qpm8870 wcd9375_firmware qpm5679 qbt2000 sa6155_firmware wcd9360 pmx50_firmware qpa8675_firmware sdr735g wcn3999 qdm3301_firmware qsm7250 qcs6125 sd662_firmware qcs405 qdm2308_firmware fsm10056_firmware qca6436 wcn6851 sa6155p qcs603_firmware qpa6560 sdr675_firmware wcd9341 qdm4643_firmware qca6431 qet4100_firmware sd750g wcn3910_firmware qpm5657 qpm5875_firmware wsa8830_firmware sd855_firmware qdm5650 wcn3988 wtr3925 sdr052 sa8195p_firmware smb1390 qet4100 qpa8686_firmware qpm6585 qca8337_firmware wcd9380_firmware smb1355 qln4650 sdr735g_firmware wgr7640 qat5568 qet5100 qdm5671_firmware qpa8801_firmware qca6564au qtm527_firmware wcn6856_firmware pm8005_firmware qet4101_firmware pm7250b qln4642_firmware smb1355_firmware pm7250b_firmware pmd9655_firmware smb1351_firmware qet4200aq_firmware sdx50m_firmware sdr735 smb1395 pm660l smr526 wtr5975 qca6430_firmware pmk8003 qtc801s_firmware wcd9335_firmware qat3522_firmware wcn3980 qca6335_firmware qsw8573 qcs605 sd7c wcn3910 qca6426_firmware pm8350_firmware pm8009 qpa8675 sdr051_firmware sdx55m pm670a qca6421_firmware qat3518_firmware qsw8574 pmi8998 sd6905g_firmware ar8031_firmware pm855l wcn6851_firmware qdm5670_firmware sd8655g pm7150a_firmware pm8150b_firmware smr545_firmware pmc1000h_firmware qca6564a_firmware qdm2310_firmware pm4250_firmware sdr105_firmware sd480 sd870 sd8885g_firmware pm670 qdm5677 pm8005 qsm8250 pm855_firmware qdm2302 pmm6155au sdxr1 pm855b_firmware qca6595_firmware qcs405_firmware qpm6582_firmware qpm6375_firmware pm640l_firmware qln4650_firmware qpm5875 qet5100m sd888_firmware sa8155p sd675 qet4101 qat3516 pm670l qpm5658 ar8035_firmware qcm2290 qpm5658_firmware wcn3991_firmware qdm5652_firmware pmm8155au_firmware sd678 sdr051 qln5030 qcs2290_firmware pm4125 fsm10056 pmi632 qpa2625_firmware pm456 sd7c_firmware pm8350bh_firmware csra6620 pmr735b_firmware qet5100_firmware qpm4621 qet6100_firmware pm670l_firmware sdr660g sd765g_firmware qpa8686 qca6390_firmware sd730_firmware wcd9370 sdr425 pmr525_firmware qca6584au_firmware pmi632_firmware qpm5541 qat5516 sd662 qpa8821_firmware sdr660g_firmware pm8350bh pm3003a qca6595au wcn3999_firmware qca6436_firmware smb1354 qca6564au_firmware qdm2305 sa6155p_firmware qca6310 qpm8820 qln5020_firmware sa515m_firmware smb1398 sa6145p_firmware sdr675 sm6250 sd712_firmware wsa8810_firmware smb231 sd765_firmware qdm5677_firmware qet4200aq qca6174a_firmware wcd9385 qpm6325_firmware qdm2302_firmware qat3550_firmware pmm8155au qln5040_firmware pm4125_firmware ar8035 qpa8673 qdm2310 qln5030_firmware smb1396_firmware wcn6850_firmware wsa8835_firmware qca6564a smr546 pmx24 qet6110 qln5040 qcm2290_firmware qpm8895 qpm5670 wcn3990 qtm527 pmk8350 sdx24 sd888 pm8350b qdm2307_firmware wsa8835 qpm5657_firmware sm6250p sdr660_firmware qca6574a smb1390_firmware qca6174a qpm4640 wcn6750 qet5100m_firmware qpm4650 mdm9205 qtm525 sa515m sa2150p_firmware sd855 sm4125_firmware sd8cx pm640p sd768g_firmware sdr865_firmware pm8250_firmware pm6250 sd460 qca6391 sd8cx_firmware sdxr1_firmware smb1351 aqt1000_firmware qpm8895_firmware qcm4290 sdx50m pm640a sdr8150 smb1395_firmware qdm4650 pmd9655 qca6574au sa8155p_firmware qsw6310 qet6105_firmware sd8655g_firmware wcd9341_firmware qcm6125 wsa8810 qtc410s_firmware smb231_firmware qat5568_firmware qdm2308 qat3550 wcn6856 qdm5679 pm3003a_firmware qca6696 qtc800s_firmware smb1381_firmware sd845_firmware qpa2625 sa6150p qpa8688_firmware pmm8195au_firmware sm7250p sd720g_firmware qpm4621_firmware sd850 qln4640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-43060

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.79%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-03 Mar, 2025 | 13:08

Use of Out-of-range Pointer Offset in Automotive Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

Product-Snapdragon

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2021-30289

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.39%

7 Day CHG~0.00%

Published-03 Jan, 2022 | 07:26

Updated-03 Aug, 2024 | 22:32

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-fsm10055 qca9377_firmware mdm9150_firmware wcn3991_firmware sd678 mdm9640_firmware sa6150p_firmware sa8145p_firmware qcs610 sm6250p_firmware qcs2290_firmware fsm10056 sd7c_firmware csrb31024 mdm9628_firmware mdm9650 fsm10055_firmware qcs4290 wcn3950_firmware mdm9250 sa8150p_firmware qca6420_firmware qca6595au_firmware qcs2290 sd730_firmware wcd9370 qcs605_firmware sd_675_firmware sd675_firmware qca6584au_firmware wcn3990_firmware qca9377 sa415m wcn3998 sdw2500_firmware sd_8cx_firmware wcn3950 wcd9326_firmware mdm9628 sd720g mdm9206_firmware qsw8573_firmware wcn3615_firmware wcn3660b sd662 sd460_firmware qca6584 qca6574au_firmware wcn3680b_firmware qca6595au sdx12_firmware wcd9375_firmware wcn3615 msm8909w wcn3998_firmware apq8009w_firmware qca6420 wcn3610_firmware mdm9207 qca6564au_firmware qca6584au sa6155p_firmware qca9367_firmware wcd9306 mdm8207 sm6225 sd429 qca9367 qca4004_firmware mdm9607_firmware sd662_firmware sa415m_firmware wcn3988_firmware qca6430 sa6145p_firmware sd205 sd429_firmware sm6250 wcd9306_firmware wcd9340 sa8195p apq8017_firmware wsa8810_firmware qualcomm215_firmware fsm10056_firmware wcd9326 wcd9335 sa6155p qcs603_firmware qca6174a_firmware mdm9250_firmware qcs4290_firmware wcd9341 qca6696_firmware wcn3910_firmware wcd9375 sd_8cx aqt1000 sa8150p sm6250_firmware mdm9207_firmware qca4004 sda429w sd210 sd855_firmware sd660 wcn3620_firmware sdx20_firmware wcn3988 wsa8815_firmware sd660_firmware wcn3620 sa8195p_firmware apq8017 qca6564a wcn3610 mdm9640 qcm2290_firmware wcn3991 sda429w_firmware wcd9380_firmware wcn3990 sd_675 sdm429w msm8996au_firmware wcd9330 qca6564au sdx24 qet4101_firmware msm8909w_firmware qca6574 msm8996au sdm429w_firmware sd665_firmware wcd9380 sd850 sm6250p qualcomm215 qcs410 qca6574a mdm9206 qca6174a sdx24_firmware qca6430_firmware wcd9335_firmware wcn3980 qsw8573 mdm9205 qca6574_firmware qcs605 wcd9340_firmware sd855 wsa8815 sd665 sd7c wcn3910 qca6584_firmware mdm9650_firmware wcn3660b_firmware qca6574a_firmware sd850_firmware wcn3980_firmware sd460 sd730 sdxr1_firmware wcd9330_firmware aqt1000_firmware sd678_firmware qcm4290 csrb31024_firmware sdx20 qcs603 sm6225_firmware qca6574au sa8155p_firmware mdm9607 sd205_firmware qca6564a_firmware apq8009w wcd9341_firmware qcm4290_firmware wsa8810 sd210_firmware qcs610_firmware mdm9150 sa6145p wcn3680b sdxr1 apq8096au sa8145p mdm8207_firmware qca6696 mdm9205_firmware sd845_firmware wcd9370_firmware sa6150p sdw2500 apq8096au_firmware sa8155p sd675 sd845 qet4101 sd720g_firmware sdx12 qcs410_firmware qcm2290 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2021-30316

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 7.69%

7 Day CHG~0.00%

Published-20 Oct, 2021 | 06:31

Updated-03 Aug, 2024 | 22:32

Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Product-fsm10055 qca9377_firmware mdm9150_firmware wcn3991_firmware sd678 sa6150p_firmware wsa8830 sa8145p_firmware qcs610 fsm10056 wcd9360_firmware csra6620 fsm10055_firmware wcn3950_firmware sa8150p_firmware qca6595au_firmware sa6155 wcd9370 csra6620_firmware sd_675_firmware sd675_firmware csra6640_firmware qca6584au_firmware wcn3990_firmware qca9377 sa415m wcn3998 wcd9385_firmware wcn3950 sd720g wcn3660b sa8155 qca6574au_firmware sdx55_firmware wcn3680b_firmware qca6595au sa6155_firmware sdx12_firmware wcd9375_firmware wcn3998_firmware wcn3610_firmware wcd9360 qca6564au_firmware qca6584au sa6155p_firmware sd778g sa515m_firmware qcs6490 sa8155_firmware sa415m_firmware qcs405 wcn3988_firmware sa6145p_firmware sm6250 sd778g_firmware sa8195p wsa8810_firmware fsm10056_firmware wcn6851 wcd9335 sa6155p qca6174a_firmware wcd9385 wcd9341 qca6696_firmware qcs6490_firmware wcd9375 sa8150p sm6250_firmware wsa8830_firmware sda429w sd660 wcn3620_firmware qcm6490 sd888_5g_firmware wcn3988 sd660_firmware wcn3620 wcn6850_firmware sa8195p_firmware wsa8815_firmware wsa8835_firmware qcx315 qca6564a wcn6750_firmware wcn3610 wcn3991 sda429w_firmware wcd9380_firmware wcn3990 sd_675 sd780g qca6595 qca6564au wcn6856_firmware sd888 wsa8835 qca6574 qcx315_firmware wcd9380 sd888_5g qcs410 qca6574a wcn6855_firmware qca6174a sm7325 wcd9335_firmware wcn3980 wcn6750 sa515m qca6574_firmware wsa8815 wcn6850 wcn3660b_firmware qca6574a_firmware wcn3980_firmware qca6391 wcn6740_firmware sd678_firmware ar8031_firmware qcm6490_firmware sd480_firmware wcn6851_firmware qca6574au sa8155p_firmware qca6564a_firmware wcd9341_firmware sd480 wsa8810 wcn6855 qcs610_firmware mdm9150 wcn6856 sa6145p wcn3680b ar8031 qca6595_firmware qcs405_firmware sa8145p wcn6740 qca6696 qca6391_firmware sd780g_firmware wcd9370_firmware sa6150p sd888_firmware sdx55 sa8155p csra6640 sd675 sd720g_firmware sdx12 qcs410_firmware sm7325_firmware Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23356

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.26%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-26 Nov, 2024 | 16:40

Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption during session sign renewal request calls in HLOS.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23355

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.26%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-26 Nov, 2024 | 15:32

Improper Restriction of Operations within the Bounds of a Memory Buffer in Automotive

Memory corruption when keymaster operation imports a shared key.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23369

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.26%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-21481

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 8.14%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in Hypervisor

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-21475

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 24.82%

7 Day CHG~0.00%

Published-06 May, 2024 | 14:32

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in Video

Memory corruption when the payload received from firmware is not as per the expected protocol size.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2024-21482

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.8||MEDIUM

EPSS-0.01% / 1.44%

7 Day CHG~0.00%

Published-01 Jul, 2024 | 14:17

Updated-01 Aug, 2024 | 22:20

Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Boot Loader

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-43554

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.04% / 11.12%

7 Day CHG~0.00%

Published-01 Jul, 2024 | 14:17

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations withing the Bounds of a Memory Buffer in DSP Services

Memory corruption while processing IOCTL handler in FastRPC.

Product-wsa8845_firmware snapdragon_7c\+_gen_3 wsa8840 wcd9370 sc8180x-ab_firmware wcd9340_firmware wcd9385 sc8380xp wcd9341_firmware sc8180xp-ab_firmware sc8280xp-bb sc8180x-af sc8180x-ab fastconnect_6700 qca6420 sc8180xp-ab sc8180xp-ad qca6430 wsa8815_firmware wcd9370_firmware sc8180xp-ad_firmware qcm6490_firmware wcd9340 wcd9341 qcm6490 sc8180xp-aa_firmware wsa8810_firmware wsa8845h_firmware sc8180x-af_firmware qca6420_firmware aqt1000_firmware qcs6490_firmware sc8180x-ac wsa8835 wsa8840_firmware qca6391_firmware sc8180x-ac_firmware qca6430_firmware sc8180x-aa fastconnect_6800_firmware qcs5430 wsa8845h sc8180xp-ac_firmware wcd9380_firmware qcm5430 sc8180x-ad_firmware qcm5430_firmware wsa8815 wsa8830 sc8180x\+sdx55_firmware sc8380xp_firmware sc8180xp-ac fastconnect_6800 sc8280xp-ab_firmware wcd9375_firmware fastconnect_7800_firmware fastconnect_6900 snapdragon_7c\+_gen_3_firmware qca6391 sc8280xp-ab qcs5430_firmware sc8180x\+sdx55 wcd9385_firmware sc8180xp-af_firmware fastconnect_6900_firmware sc8180xp-aa wcd9380 fastconnect_6200 sc8180x-aa_firmware fastconnect_7800 wcd9375 sc8180xp-af wsa8845 fastconnect_6700_firmware video_collaboration_vc3_platform_firmware sc8180x-ad wsa8835_firmware wsa8810 qcs6490 fastconnect_6200_firmware sc8280xp-bb_firmware wsa8830_firmware video_collaboration_vc3_platform aqt1000 Snapdragon aqt1000_firmware qcm5430_firmware wcd9380_firmware qca6430_firmware qcs6490_firmware qcm6490_firmware qcs5430_firmware wsa8840_firmware qualcomm_video_collaboration_vc3_platform_firmware qca6391_firmware wcd9385_firmware fastconnect_6900_firmware wcd9370_firmware sc8380xp_firmware wcd9340_firmware wsa8830_firmware wsa8845_firmware fastconnect_6700_firmware wsa8815_firmware wsa8835_firmware wsa8810_firmware fastconnect_6200_firmware wcd9341_firmware fastconnect_7800_firmware qca6420_firmware wcd9375_firmware wsa8845h_firmware fastconnect_6800_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-43513

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.48%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in PCIe

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2024-43049

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.59%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:28

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.

Product-fastconnect_7800 wcd9380_firmware wsa8830 sdm429w wsa8840_firmware fastconnect_6900 fastconnect_6900_firmware sc8380xp_firmware qcc2073 wsa8835 wsa8840 sdm429w_firmware fastconnect_6700_firmware snapdragon_7c\+_gen_3_compute wcd9380 fastconnect_7800_firmware wsa8845h fastconnect_6700 snapdragon_8cx_gen_3_compute_platform wcd9385 qcc2076_firmware wcd9385_firmware wsa8845 qcc2073_firmware wcn3660b wsa8830_firmware qcc2076 wsa8845_firmware wcn3620_firmware snapdragon_7c\+_gen_3_compute_firmware wcn3660b_firmware wsa8835_firmware sc8380xp snapdragon_429_mobile_platform_firmware wcn3620 wsa8845h_firmware snapdragon_429_mobile_platform snapdragon_8cx_gen_3_compute_platform_firmware Snapdragon wcd9380_firmware qcc2076_firmware wsa8840_firmware wcd9385_firmware fastconnect_6900_firmware qcc2073_firmware sc8380xp_firmware wsa8830_firmware wsa8845_firmware wcn3620_firmware sdm429w_firmware fastconnect_6700_firmware wcn3660b_firmware wsa8835_firmware snapdragon_429_mobile_platform_firmware fastconnect_7800_firmware wsa8845h_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-2297

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.76%

7 Day CHG~0.00%

Published-21 Nov, 2019 | 14:38

Updated-04 Aug, 2024 | 18:42

Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150

Product-qca9377_firmware mdm9640_firmware sdm636_firmware apq8064 sdm845_firmware msm8996au_firmware sdm845 sdx20 sdm660 sdx24 mdm9607_firmware mdm9650 qcs405 ipq8074_firmware qca6574au mdm9607 msm8996au apq8017_firmware apq8009_firmware qcn7605_firmware qcs605_firmware ipq4019_firmware mdm9207c_firmware mdm9206 msm8905 mdm9207c qca6174a_firmware qca6174a qca9379_firmware sm8150_firmware sdx24_firmware ipq8074 apq8096au sdm636 qcs405_firmware qca9377 sda845_firmware sdm660_firmware sda660_firmware qcn7605 mdm9206_firmware qcs605 ipq4019 apq8053 apq8096au_firmware mdm9650_firmware sm8150 sdx20_firmware msm8905_firmware ipq8064 qca6574au_firmware sda660 apq8017 apq8064_firmware apq8009 qca9379 apq8053_firmware ipq8064_firmware sda845 mdm9640 Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2019-14100

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 29.98%

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-05 Aug, 2024 | 00:12

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-14009

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.69%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:05

Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MDM9150, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDM850, SXR2130

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-10544

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.98%

7 Day CHG~0.00%

Published-18 Dec, 2019 | 05:25

Updated-04 Aug, 2024 | 22:24

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9640_firmware sdm632_firmware msm8996au_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 mdm9650 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware mdm9206 sdm670_firmware sdx24_firmware sdm636 sda845_firmware apq8098 qcn7605 mdm9206_firmware msm8939 qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 msm8909w apq8009 msm8909_firmware apq8053_firmware sda845 msm8920 msm8953 sdm450 sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware qcs405 sdm710 qm215 mdm9607 apq8017_firmware sdm710_firmware msm8939_firmware qcn7605_firmware msm8937 mdm9207c_firmware msm8905 mdm9207c sm8150_firmware msm8909 sxr2130_firmware apq8096au sdm439_firmware qcs405_firmware sdm630_firmware sda660_firmware qm215_firmware sdx55 msm8953_firmware msm8940 sm6150_firmware apq8053 apq8096au_firmware msm8917_firmware sm8250 msm8998 sm8150 sdx20_firmware apq8017 sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-10624

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.76%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-04 Aug, 2024 | 22:31

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-681

Incorrect Conversion between Numeric Types

CVE-2023-28549

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.80%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:02

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-28545

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.04% / 11.08%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28551

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.86%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in UTILS

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28550

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.86%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28587

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 21.35%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in BT Controller

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28564

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.78%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:01

Use of Out-of-range Pointer Offset in WLAN HAL

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28575

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.94%

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:15

Updated-02 Aug, 2024 | 13:43

Multiple Type Confusion Vulnerability

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2023-21663

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.48%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-02 Aug, 2024 | 09:44

Improper Restrictions of Operations within the Bounds of a Memory Buffer in Display

Memory Corruption while accessing metadata in Display.

Product-sda429w_firmware wcd9380_firmware sa6150p_firmware wsa8830 sa8145p_firmware sw5100p qcc5100 wcn6856_firmware wsa8835 sd_8_gen1_5g wcd9380 sa8150p_firmware sd888_5g qca6420_firmware wcn6855_firmware qca6430_firmware wcn3980 wcn3998 wcd9385_firmware sd_8_gen1_5g_firmware sd855 wcn3660b wcn6850 wsa8815 wcn3660b_firmware wcn7850 qca6574au_firmware wcn3680b_firmware wcn3998_firmware wcn3980_firmware wcn3610_firmware qca6420 qcc5100_firmware aqt1000_firmware sa6155p_firmware wcn7851 wcn6851_firmware wcn3988_firmware qca6430 qca6574au sa6145p_firmware sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 wcn6855 wcn6851 sa6155p sw5100p_firmware wcn7851_firmware wcn6856 sa6145p wcn3680b wcd9385 wcd9341 qca6696_firmware sa8145p qca6696 aqt1000 sa8150p sa6150p sa8155p wsa8830_firmware sda429w sd855_firmware wsa8815_firmware wcn3988 wsa8835_firmware sd888_5g_firmware wcn6850_firmware wcn7850_firmware sa8195p_firmware sw5100_firmware wcn3610 Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21634

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.08%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-02 Aug, 2024 | 09:44

Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

Product-snapdragon_855\+\/860_mobile_platform_firmware wsa8830 wcd9380_firmware sa6150p_firmware wcn3990 sa8145p_firmware sw5100p sd865_5g fastconnect_6800 snapdragon_w5\+_gen_1_wearable_platform snapdragon_835_mobile_pc_platform snapdragon_870_5g_mobile_platform_firmware snapdragon_865_5g_mobile_platform wsa8835 wcd9380 sa8150p_firmware qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware snapdragon_855\+\/860_mobile_platform sxr2130 snapdragon_wear_4100\+_platform qca6426 wcn3990_firmware qca6310_firmware qca6430_firmware wcd9335_firmware wcn3980 fastconnect_6200 wcd9340_firmware wcn3660b sd855 wsa8815 qca6320 snapdragon_865\+_5g_mobile_platform snapdragon_xr2_5g_platform_firmware qca6426_firmware wcn3660b_firmware qca6320_firmware snapdragon_x55_5g_modem-rf_system qca6574au_firmware snapdragon_835_mobile_pc_platform_firmware wcn3680b_firmware fastconnect_6200_firmware qca6595au sd835 wcn3980_firmware snapdragon_x55_5g_modem-rf_system_firmware qca6391 wcn3610_firmware qca6420 qca6436_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware aqt1000_firmware sa6155p_firmware qca6310 snapdragon_865\+_5g_mobile_platform_firmware snapdragon_870_5g_mobile_platform snapdragon_xr2_5g_platform fastconnect_6900 fastconnect_6900_firmware wcn3988_firmware qca6430 qca6574au sa6145p_firmware sa8155p_firmware wcd9340 sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 qca6436 wcd9335 sa6155p sw5100p_firmware sa6145p wcn3680b sd835_firmware sxr2130_firmware wcd9341 qca6696_firmware sa8145p qca6696 qca6391_firmware snapdragon_855_mobile_platform_firmware aqt1000 sa8150p sa6150p sa8155p wsa8830_firmware sd855_firmware sd865_5g_firmware wcn3988 wsa8815_firmware wsa8835_firmware sa8195p_firmware snapdragon_865_5g_mobile_platform_firmware sw5100_firmware fastconnect_6800_firmware snapdragon_855_mobile_platform wcn3610 Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21633

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.49%

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21654

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.48%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:23

Updated-02 Aug, 2024 | 09:44

Improper Restriction of Operations within the Bounds of a Memory Buffer in Audio

Memory corruption in Audio during playback session with audio effects enabled.

Product-mdm9150_firmware wsa8830 sda429w_firmware sa6150p_firmware wcd9380_firmware sa8145p_firmware qcs610 sw5100p msm8996au_firmware sd865_5g qca6564au qcc5100 sdx55m_firmware mdm9628_firmware wsa8835 msm8996au wcn3950_firmware wcd9380 sa8150p_firmware qca6420_firmware qca6390_firmware qcs410 wcd9370 qca6574a qca6426 qca6564a qca6430_firmware wcn3980 sa415m wcn3998 qam8295p sdxr2_5g_firmware wcn3950 mdm9628 wcn3660b sd855 wsa8815 wcn6850 qam8295p_firmware qca6426_firmware wcn3660b_firmware qca6574a_firmware qca6574au_firmware sdx55_firmware wcn3680b_firmware wcn3998_firmware wcn3980_firmware qca6391 wcn3610_firmware qca6420 qca6436_firmware sdx55m sa8295p qcc5100_firmware aqt1000_firmware qca6564au_firmware sa6155p_firmware sdxr2_5g wcn6851_firmware sa415m_firmware wcn3988_firmware qca6430 qca6574au qcn9074 sa6145p_firmware sa8155p_firmware qca6564a_firmware sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 sd870 qca6436 wcn6851 sa6155p sw5100p_firmware qcs610_firmware mdm9150 qsm8250 sa6145p wcn3680b wcd9341 apq8096au qca6696_firmware sa8145p sd870_firmware qca6696 qca6391_firmware qca6390 wcd9370_firmware aqt1000 sa8150p sa6150p sdx55 apq8096au_firmware wsa8830_firmware sda429w sa8155p sd855_firmware sd865_5g_firmware wcn3988 wcn6850_firmware wsa8815_firmware wsa8835_firmware sa8195p_firmware sw5100_firmware qcn9074_firmware qcs410_firmware sa8295p_firmware wcn3610 qsm8250_firmware Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21637

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.49%

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-02 Aug, 2024 | 09:44

Improper Restrictions of Operations within the Bounds of a Memory Buffer in Linux

Memory corruption in Linux while calling system configuration APIs.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-22387

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 15.42%

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in Qualcomm IPC

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2023-21628

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.48%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:39

Updated-02 Aug, 2024 | 09:44

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-3693

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 14.15%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-21455

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 3.97%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-11 Aug, 2025 | 15:06

Untrusted Pointer Dereference in DSP Service

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

Product-sa8295p_firmware qca6696_firmware qca6688aq qam8295p_firmware qca6595 wcd9370 wsa8815 video_collaboration_vc1_platform_firmware sg4150p qca6696 qcm6125_firmware qca6698aq_firmware qca6584au qcs6125_firmware qca6595_firmware wcd9375_firmware wsa8815_firmware wcd9370_firmware video_collaboration_vc1_platform qca6698aq wcn3950_firmware snapdragon_680_4g_mobile_platform sg4150p_firmware sa8295p snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware qam8295p snapdragon_auto_5g_modem-rf_gen_2 wcd9375 qca6688aq_firmware wcn3950 wsa8810_firmware qcs6125 qcm6125 wsa8810 snapdragon_680_4g_mobile_platform_firmware wcn3980_firmware qca6584au_firmware wcn3980 snapdragon_auto_5g_modem-rf_gen_2_firmware Snapdragon qualcomm_video_collaboration_vc1_platform_firmware qcs6125_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qca6584au_firmware qca6696_firmware qca6595_firmware qcm6125_firmware wcd9370_firmware qam8295p_firmware wcn3950_firmware wsa8815_firmware wsa8810_firmware wcd9375_firmware wcn3980_firmware sa8295p_firmware sg4150p_firmware snapdragon_680_4g_mobile_platform_firmware qca6688aq_firmware qca6698aq_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-53034

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.79%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-07 Mar, 2025 | 11:47

Untrusted Pointer Dereference in DSP_Services

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2022-33210

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.08% / 24.58%

7 Day CHG~0.00%

Published-17 Oct, 2022 | 00:00

Updated-14 May, 2025 | 15:15

Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-33267

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 8.19%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Improper restriction of operations within the bounds of memory buffer in Linux

Memory corruption in Linux while sending DRM request.

Product-wcn3991_firmware wcn3991 wcd9380_firmware sa6150p_firmware sa8145p_firmware qcs610 sdm429w sd865_5g qca6564au sm8150-ac sdm429 sdm429w_firmware wcn3950_firmware wcd9380 sa8150p_firmware qca6420_firmware snapdragon_wear_4100\+_platform_firmware qca6390_firmware qcs410 wcd9370 sxr2130 qca6574a snapdragon_wear_4100\+_platform wcn685x-5_firmware qca6564 qca6426 wcn685x-1 qca6430_firmware wcn3980 sm8250-ab wcn3998 wcn3950 wcn3660b sd855 wsa8815 sdm429_firmware snapdragon_xr2_5g_platform_firmware qca6426_firmware wcn3660b_firmware sa8155 snapdragon_x55_5g_modem-rf_system qca6574a_firmware qca6574au_firmware sdx55_firmware wcn3680b_firmware wcn3998_firmware wcn3980_firmware snapdragon_x55_5g_modem-rf_system_firmware sm8250-ab_firmware qca6391 wcn3610_firmware qca6420 qca6436_firmware snapdragon_x50_5g_modem-rf_system_firmware aqt1000_firmware qca6564au_firmware sa6155p_firmware snapdragon_xr2_5g_platform sa8155_firmware wcn685x-5 sm8250_firmware sm8250-ac qca6430 qca6574au sa6145p_firmware sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware wsa8810 qca6436 sa6155p qcs610_firmware sm8150-ac_firmware qsm8250 sa6145p wcn3680b wcn685x-1_firmware qca6564_firmware sm8150_firmware sxr2130_firmware wcd9341 qca6696_firmware sa8145p qca6696 qca6391_firmware qca6390 wcd9370_firmware aqt1000 sa8150p sa6150p sdx55 snapdragon_x50_5g_modem-rf_system sa8155p sm8250-ac_firmware sm8250 sd855_firmware sd865_5g_firmware sm8150 wcn3620_firmware wsa8815_firmware wcn3620 sa8195p_firmware qcs410_firmware wcn3610 qsm8250_firmware Snapdragon aqt1000_firmware qca6564au_firmware sa6155p_firmware wcd9380_firmware sa6150p_firmware sa8145p_firmware fastconnect_6900_firmware sa8155_firmware sa6145p_firmware sa8155p_firmware sdm429w_firmware wcn3950_firmware wsa8810_firmware sa8150p_firmware wcd9341_firmware qca6420_firmware qcs610_firmware qca6564_firmware sxr2130_firmware qca6696_firmware qca6430_firmware qca6391_firmware snapdragon_855_mobile_platform_firmware wcd9370_firmware sd855_firmware sd865_5g_firmware snapdragon_xr2_5g_platform_firmware wcn3620_firmware qca6426_firmware wcn3660b_firmware wsa8815_firmware qca6574a_firmware fastconnect_6200_firmware qca6574au_firmware sa8195p_firmware sdx55_firmware snapdragon_429_mobile_platform_firmware snapdragon_865_5g_mobile_platform_firmware wcn3680b_firmware fastconnect_6800_firmware qcs410_firmware snapdragon_x55_5g_modem-rf_system_firmware wcn3980_firmware wcn3610_firmware qca6436_firmware snapdragon_x50_5g_modem-rf_system_firmware qsm8250_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-10502

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.76%

7 Day CHG~0.00%

Published-06 Nov, 2019 | 17:11

Updated-04 Aug, 2024 | 22:24

Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2020-11180

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.69%

7 Day CHG~0.00%

Published-21 Jan, 2021 | 09:41

Updated-04 Aug, 2024 | 11:28

Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qfs2580 wsa8830 sdr051 qln5030 qbt1500 qfs2530 qpa8802 qat3519 pmm855au pm8150a sc8180x\+sdx55 qtc800h qdm5670 qpa8686 sa6155 pm7150l qpa8821 pm7150a wcd9370 qdm5671 pmc1000h qca6426 qat3518 sd8c wcn3998 qdm5620 pm3003a sa8155 qdm5652 qat5533 qca6595au qpm5679 qbt2000 pm855p qca6420 qdm2305 qpm8820 pm8150b pm855 qsm7250 pm8250 pmx55 qca6430 qca6421 qdm3301 wcd9340 sa8195p qpm5677 qat5515 sd765g qca6436 sdr660 wcn6851 sa6155p qpa6560 sdr865 wcd9385 wcd9341 qca6431 qln5020 wcd9371 qpm5620 pmm8155au qca6390 wcd9375 aqt1000 qpa8673 qpm5657 sa8150p pmm8195au qdm5621 qln4642 qdm5650 wcn3988 sdr052 smb1390 qet6110 qln5040 qpm8895 qpm6585 wcn3991 qpm5670 wcn3990 smb1355 qln4650 qpa8801 qet5100 qpm8830 sdxr25g pm6150 qat5522 wsa8835 pm7250b qca6574 pm8150c pmr735b qpa8842 wcd9380 smb1381 qca6574a sdr735 pm7250 smb1395 smr525 qpa8803 smr526 wcn3980 pmk8003 wcn6750 pmr525 qdm2301 qpm4650 qtm525 sd855 wsa8815 sd8cx wcn6850 wcn3910 sd765 qat3555 pm8009 sd730 qca6391 sdx55m pm8008 sdx50m sdr8150 pm855l qtc801s sd8655g qca6574au qpm5621 qpm6582 wsa8810 pm8150l pmx50 qdm5677 qdm5679 qsm8250 sa6145p pmm6155au sdr8250 sd768g qca6696 pm8150 pm8004 pmk8002 qpa2625 sa6150p sa8155p sdx55 qet4101 qat3516 sm7250p qpm5658 pm855b smb2351 qpa5580 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-14130

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.14%

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-05 Aug, 2024 | 00:12

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25709

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 20.91%

7 Day CHG~0.00%

Published-07 Mar, 2023 | 04:43

Updated-05 Mar, 2025 | 16:44

Use of Out-of-range Pointer Offset in Data Modem

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

Product-wcn3991_firmware wsa8830 sd678 sm6250p_firmware qca8337 qca6431_firmware sd7c_firmware snapdragon_4_gen_1_firmware sdx65 wcn3950_firmware sd765g_firmware qca6390_firmware sd690_5g sd730_firmware wcd9370 sd_675_firmware sd675_firmware qca6426 wcn3990_firmware wcn3998 wcd9385_firmware sdxr2_5g_firmware wcn3950 qcn6024_firmware sd720g sd_8_gen1_5g_firmware wcn7850 qca6320_firmware sdx55_firmware wcd9375_firmware qca8081_firmware wcn3998_firmware sm7250p_firmware qca6436_firmware qca6310 sa515m_firmware wcn7851 sdxr2_5g sd821 wcn3988_firmware qca6421 sm6250 wcd9340 wsa8810_firmware sd765g sd765_firmware qca6436 wcn6851 wcd9335 qca8081 wcn7851_firmware qca6174a_firmware wcd9385 wcd9341 qca6431 sd750g sd870_firmware sdx70m_firmware qca6390 ar8035 sd750g_firmware wcd9375 sm6250_firmware wsa8830_firmware sd855_firmware sd865_5g_firmware sd820 snapdragon_4_gen_1 wcn3988 wcn6850_firmware wcn7850_firmware wsa8815_firmware wsa8835_firmware qcx315 sm8475 wcn3991 qca8337_firmware wcd9380_firmware wcn3990 sd_675 sd865_5g sdx55m_firmware wcn6856_firmware wsa8835 qcx315_firmware wcd9380 sm6250p sd690_5g_firmware wcn6855_firmware qca6174a qca6310_firmware wcd9335_firmware wcn3980 sa515m wcd9340_firmware sd855 wsa8815 wcn6850 sd7c qca6320 sd765 qca6426_firmware sd695 sd768g_firmware sd835 qcn9024 wcn3980_firmware sd730 qca6391 sdx55m qca6421_firmware sdx65_firmware sd821_firmware sd678_firmware sd480_firmware wcn6851_firmware qcn9024_firmware wcd9341_firmware sd480 sd870 wsa8810 wcn6855 wcn6856 sd835_firmware sd695_firmware sd768g sd820_firmware qca6391_firmware wcd9370_firmware sdx55 sd675 qcn6024 sdx70m sm7250p sd720g_firmware ar8035_firmware Snapdragon

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25661

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.08% / 25.48%

7 Day CHG~0.00%

Published-12 Oct, 2022 | 00:00

Updated-15 May, 2025 | 15:15

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qcs605 wcn6855_firmware qca6391_firmware sd888_5g_firmware sd850 qca6574_firmware sdx50m_firmware ar8035 qca6430 sa8155 wcn7850_firmware sdx24_firmware wcd9375_firmware sd855_firmware sa8540p_firmware wcn3990 qca6174a_firmware wsa8835_firmware qca6696_firmware qca8337 sa6145p qca6431_firmware wcn6855 qam8295p wsa8830 qca6696 sm8475 sdx65 sd778g_firmware sm7325p qsm8350_firmware qca6420 sa6155p wcn3998_firmware wcn6750_firmware sdx55 qca6390_firmware sm7250p ar8035_firmware wcn6740_firmware sd765 sdx55_firmware qca6574a_firmware wcd9385_firmware qca8081_firmware wcn3950_firmware qcs605_firmware sdx24 sdxr2_5g_firmware qca6436_firmware wsa8815_firmware qcm6490 sd678 sdx57m_firmware sa6145p_firmware sa9000p qca6430_firmware qca6595 sd675_firmware wcd9370_firmware aqt1000 qca6391 wcn3991_firmware sa8295p qca6174a sa8295p_firmware wsa8835 sm7250p_firmware wcn6851_firmware sd768g_firmware wcn3980_firmware sm7315_firmware qca6574a wcn6750 qca6564a qcn9012_firmware qrb5165m sdx65_firmware qca6595au wcn6851 qcn9012 qcs6490_firmware sd865_5g wcd9340_firmware wcn6850_firmware sd865_5g_firmware qca6564au_firmware qca9377_firmware wsa8830_firmware wcd9341 sd845_firmware wcn3991 wcn3998 wcn6856_firmware qca6574au sd888_firmware sm7315 wcn3990_firmware sdx55m wcd9341_firmware qcs603_firmware sd670 qca6420_firmware qca6564au sd_675 sa9000p_firmware wsa8815 sd850_firmware sd_8cx_gen3 wcd9326 wcn6856 wcn6740 qca6564a_firmware wcn7850 sd_8_gen1_5g_firmware qca6426 wcd9380 qrb5165n qcn9011_firmware qrb5165_firmware sa8155p_firmware qsm8350 sd_8cx_firmware sd780g_firmware qca8337_firmware sd870_firmware wcd9326_firmware qcn9011 sd_8cx_gen3_firmware qca6574 sd_8cx_gen2_firmware sd870 sd765_firmware wcn7851_firmware sdx57m qca6426_firmware sd845 qrb5165n_firmware qcs6490 sd778g qam8295p_firmware sd_675_firmware sd768g wsa8810 qca6335 wcn6850 sd855 sd_8cx_gen2 qca6310_firmware wcd9380_firmware sd678_firmware sd888_5g sa8155_firmware sd670_firmware sd780g qca6335_firmware qca6390 qca6421 qrb5165 sa6155 qca6595au_firmware qcm6490_firmware wsa8810_firmware qca6310 sdx55m_firmware wcd9375 wcd9370 sa8150p_firmware wcn7851 qrb5165m_firmware wcd9340 qca6436 qca9377 wcd9385 sa6155p_firmware sd_8cx sa8150p sd765g wcn3950 qca6595_firmware qcs603 sdxr2_5g sa6155_firmware aqt1000_firmware sd888 sdx50m qca6431 sd675 wcn3980 sm7325p_firmware qca8081 qca6574au_firmware sa8155p sa8540p qca6421_firmware sd765g_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25682

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 22.40%

7 Day CHG~0.00%

Published-13 Dec, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-wcd9380_firmware mdm9310 wcn3615_firmware msm8996au sd429_firmware qca6595au_firmware qualcomm215_firmware sd730 qca6310 qsw8573 apq8009 mdm9607 qca6696 qca6421 wcn7850 mdm9205_firmware qca6564au msm8937 sdx24 wcn3660b sd632_firmware mdm8207_firmware sd720g qca6426_firmware sd710_firmware sd460 sd205_firmware msm8996au_firmware mdm9630 apq8056 msm8940 sdx24_firmware wsa8830 msm8920_firmware wsa8815 wcn3680b qca6430 wcn3620_firmware sd855 qcs6490_firmware wcd9340 sdx55_firmware sdxr2_5g_firmware apq8037 msm8976sg_firmware sd_8cx_gen2_firmware sc8180x\+sdx55_firmware mdm9207 sd712 mdm9650 sd765g_firmware qca6574a qca4004_firmware msm8108_firmware sd865_5g_firmware wcd9306_firmware apq8017_firmware qcm6125_firmware sdm429w_firmware sd835_firmware wcn6750 sm7325p msm8917_firmware sd_636_firmware ar6003 mdm8215 sd695_firmware qcc5100 sd_675 qca6335 sd625_firmware msm8108 qcs405 qca6431_firmware msm8208 csra6640 sd480_firmware mdm9215_firmware qet4101 qca6430_firmware qca8081 sm7315_firmware sm7325p_firmware qca6584au apq8009w sd870 mdm9150 qca9367 qca6390_firmware qcn9024_firmware sc8180x\+sdx55 wcn6855 qca6584_firmware qcx315_firmware wcn3910 sd870_firmware qcm6490_firmware sm6250 sdm630_firmware qca6431 qca6595au wcd9370 sd821_firmware qcs4290_firmware sd888_firmware wcn3980 ar6003_firmware sd439_firmware mdm8215m sm7315 sd765_firmware sd720g_firmware sd765g sd670 mdm9150_firmware sdx55m msm8208_firmware msm8917 sd450 wcn6850_firmware wcn3660 sd_455 sm6250p wsa8810_firmware wsa8815_firmware wcn3991_firmware sd625 sd850_firmware wcn6740 msm8608_firmware qca6436 msm8952_firmware wsa8810 sdxr1 msm8909w sdm630 sw5100p_firmware aqt1000_firmware qca4004 wsa8835_firmware wcd9335_firmware sm7250p_firmware mdm9615m apq8009_firmware qca6391 qcn9024 wcn3998_firmware csra6620 mdm9330_firmware mdm9310_firmware wcn6851 sd778g_firmware wcd9370_firmware sd675 qca6420_firmware sd439 mdm9615m_firmware wcn3660_firmware sdx57m qcx315 qcc5100_firmware msm8940_firmware sd210_firmware qcm6125 mdm9655_firmware apq8052_firmware sdx12 sd660 csrb31024_firmware sdm429w sdx20 qcs610 qualcomm215 apq8052 qca6391_firmware sd205 wcd9326_firmware sm7250p csra6620_firmware wcn3610 sdx20_firmware wcn3910_firmware msm8209 apq8017 wcd9375 sd750g_firmware msm8976_firmware qca6696_firmware mdm9215 sm6250p_firmware sd865_5g qca9377 wcn3990_firmware mdm9230_firmware wcn3950_firmware wcn3988 sd778g wcd9371_firmware wcn3615 msm8976 sd750g sd768g_firmware mdm8615m qcs605 msm8952 sd712_firmware mdm9615_firmware wcn7851 qca6310_firmware mdm8215m_firmware sd710 mdm9640_firmware qca6436_firmware qca9367_firmware sd_636 wcd9341_firmware sd821 sd632 wcd9340_firmware mdm9330 sd850 apq8037_firmware sd_675_firmware qca6174a_firmware qca6564a_firmware sd855_firmware sd662_firmware wcd9371 mdm9650_firmware sdx50m qcs405_firmware qcn6024_firmware qcs6490 sdx55 sd460_firmware sd_455_firmware msm8956 mdm9628 wcn3610_firmware qcm4290_firmware msm8976sg sd450_firmware sd820 wcn3660b_firmware sm4375 msm8909w_firmware qet4101_firmware sd665_firmware wcd9360_firmware sdw2500 sdw2500_firmware qsw8573_firmware sd626 sd768g wcn6740_firmware wcn6856 sd626_firmware apq8009w_firmware sda429w_firmware sdx50m_firmware qca6390 sd480 wcd9330 wcn7851_firmware sw5100 mdm8215_firmware wcn6850 sa415m wcn3950 qcs603_firmware msm8608 qca6320_firmware qca6584au_firmware qcm6490 qcn6024 qca6174a wcd9335 sd7c_firmware sd670_firmware wcn3680b_firmware sd835 qca6421_firmware qca6574au_firmware sd662 mdm9250_firmware qcs610_firmware mdm9205 msm8956_firmware mdm9207_firmware qca6174 qcm2290_firmware wcd9380 mdm9630_firmware qcm4290 wcn3680 mdm9628_firmware sd660_firmware sd730_firmware sd695 qca6174_firmware wcd9375_firmware sd888 ar8035_firmware wcn6856_firmware aqt1000 mdm9230 qcs603 sdx12_firmware ar8035 wcn6855_firmware mdm8207 wcd9360 qca6420 sd780g_firmware wcn3680_firmware qcm2290 sdx65_firmware mdm9250 sa515m sd845_firmware mdm9206 sdxr1_firmware sa515m_firmware mdm9655 mdm9607_firmware wcn3990 apq8076 sd429 apq8076_firmware sd690_5g qca8081_firmware msm8920 wsa8835 wcn3998 wcd9306 apq8056_firmware qca8337_firmware mdm9206_firmware qcs2290 sd820_firmware sd7c wcd9385 sd678 qca6574au wcn7850_firmware sdx65 wcd9385_firmware mdm9640 apq8096au wcn6750_firmware qcs410_firmware sd210 sd680 sd888_5g sd678_firmware qcs6125 sm4375_firmware wcn3991 qca6574 csra6640_firmware qca6574_firmware sa415m_firmware qca6564a sd675_firmware qca6574a_firmware sd665 sda429w sd888_5g_firmware wsa8830_firmware qca6320 qca8337 sd_8_gen1_5g_firmware sm6250_firmware sdxr2_5g wcd9341 wcn3980_firmware qcs2290_firmware wcn6851_firmware wcd9326 sd680_firmware msm8937_firmware qca9377_firmware mdm8615m_firmware apq8096au_firmware sw5100_firmware qca6584 sd780g qca6564au_firmware csrb31024 qca6426 qca6335_firmware sdx55m_firmware qcs6125_firmware sdx57m_firmware sd690_5g_firmware sm8475 wcn3620 sd765 qcs605_firmware wcd9330_firmware wcn3988_firmware qcs4290 msm8209_firmware sw5100p mdm9615 sd_8cx_gen2 sd845 qcs410 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-25681

Matching Score-10

Assigner-Qualcomm, Inc.

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.08% / 24.04%

7 Day CHG~0.00%

Published-13 Dec, 2022 | 00:00

Updated-22 Apr, 2025 | 16:15

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile