snapdragon_7c%5C%2B_gen_3_compute

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-21453

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.47%

7 Day CHG~0.00%

Published-06 May, 2025 | 08:32

Updated-11 Aug, 2025 | 15:06

Use After Free in GPS HLOS Driver

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2024-49835

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.47%

7 Day CHG~0.00%

Published-06 May, 2025 | 08:32

Updated-09 May, 2025 | 19:11

Out-of-bounds Write in SPS Applications

Memory corruption while reading secure file.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-21448

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.45% / 63.31%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:16

Updated-06 Oct, 2025 | 19:54

Buffer Over-read in WLAN Firmware

Transient DOS may occur while parsing SSID in action frames.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2025-21441

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.80%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:16

Updated-20 Aug, 2025 | 20:19

Out-of-bounds Read in Windows WLAN Host

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-21440

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.80%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:16

Updated-20 Aug, 2025 | 20:01

Out-of-bounds Read in Windows WLAN Host

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-21438

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.80%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:16

Updated-03 Oct, 2025 | 18:35

Out-of-bounds Read in Windows WLAN Host

Memory corruption while IOCTL call is invoked from user-space to read board data.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-21423

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.80%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:15

Updated-19 Aug, 2025 | 17:07

Improper Validation of Array Index in Display

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2025-21421

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.80%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:15

Updated-19 Aug, 2025 | 17:07

Buffer Over-read in Display

Memory corruption while processing escape code in API.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2024-45551

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-6.2||MEDIUM

EPSS-0.07% / 22.30%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:15

Updated-06 Oct, 2025 | 19:59

Weak Authentication in HLOS

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-1390

Weak Authentication

CVE-2024-43046

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.06% / 18.91%

7 Day CHG~0.00%

Published-07 Apr, 2025 | 10:15

Updated-06 Oct, 2025 | 20:03

Information Exposure in TZ Secure OS

There may be information disclosure during memory re-allocation in TZ Secure OS.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2025-21424

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.79%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-11 Aug, 2025 | 15:06

Use After Free in NPU

Memory corruption while calling the NPU driver APIs concurrently.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2024-53027

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.21% / 42.40%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in WLAN Host

Transient DOS may occur while processing the country IE.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-53024

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.73%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-11 Aug, 2025 | 15:06

NULL Pointer Dereference in Display

Memory corruption in display driver while detaching a device.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-476

NULL Pointer Dereference

CVE-2024-53014

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.73%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-11 Aug, 2025 | 15:06

Improper Validation of Array Index in Audio

Memory corruption may occur while validating ports and channels in Audio driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2024-43051

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.02% / 5.29%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-11 Aug, 2025 | 15:06

Improper Authorization in SPS-HLOS

Information disclosure while deriving keys for a session for any Widevine use case.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-285

Improper Authorization

CVE-2024-49834

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.73%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 16:02

Improper Validation of Array Index in Camera

Memory corruption while power-up or power-down sequence of the camera sensor.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2024-45573

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.73%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-12 Feb, 2025 | 20:51

Use of Out-of-range Pointer Offset in Display

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-45561

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.73%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-12 Feb, 2025 | 20:51

Use After Free in Windows WLAN Host

Memory corruption while handling IOCTL call from user-space to set latency level.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800_firmware wsa8840 sdm429w sc8380xp_firmware wsa8845h_firmware qca6420 wcn3620_firmware wsa8845 wcd9380_firmware qca6391_firmware sc8180x-ad_firmware qca6391 wcn3660b sdm429w_firmware qca6430 wsa8845_firmware wcd9340_firmware sc8180x-acaf snapdragon_429_mobile_firmware wsa8835 wsa8845h aqt1000_firmware fastconnect_7800 wcd9341_firmware qcc2076_firmware wcd9340 wcd9341 sc8180x-aaab_firmware qcc2076 fastconnect_6900 fastconnect_6800 snapdragon_7c\+_gen_3_compute snapdragon_429_mobile fastconnect_6700 qcc2073 snapdragon_7c\+_gen_3_compute_firmware wsa8810_firmware wcd9385_firmware wsa8810 fastconnect_6700_firmware sc8180x-ad qcc2073_firmware sc8280xp-abbb_firmware sc8180x-aaab qca6420_firmware wsa8815 fastconnect_6200_firmware qca6430_firmware wcd9380 wsa8830 wsa8815_firmware fastconnect_6200 wsa8830_firmware wcn3620 fastconnect_6900_firmware sc8180x-acaf_firmware sc8380xp aqt1000 fastconnect_6800_firmware wcd9385 wsa8840_firmware wcn3660b_firmware wsa8835_firmware sc8280xp-abbb Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-416

Use After Free

CVE-2024-45560

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.81%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-12 Feb, 2025 | 20:51

Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800_firmware wsa8840 qcm6490_firmware sdm429w sc8380xp_firmware qcs5430 wsa8845h_firmware qca6420 wcn3620_firmware wsa8845 qcm6490 wcd9380_firmware qca6391_firmware sc8180x-ad_firmware qca6391 qcs5430_firmware wcn3660b sdm429w_firmware qca6430 wsa8845_firmware video_collaboration_vc3_platform_firmware qcm5430 wcd9370 wcd9340_firmware sc8180x-acaf snapdragon_429_mobile_firmware wsa8835 wsa8845h aqt1000_firmware fastconnect_7800 wcd9341_firmware wcd9340 wcd9341 sc8280xp-abbb sc8180x-aaab_firmware fastconnect_6900 qcm5430_firmware fastconnect_6800 snapdragon_7c\+_gen_3_compute snapdragon_429_mobile fastconnect_6700 wcd9375_firmware snapdragon_7c\+_gen_3_compute_firmware wsa8810_firmware wcd9385_firmware wsa8810 fastconnect_6700_firmware sc8180x-ad wcd9375 sc8280xp-abbb_firmware sc8180x-aaab qca6420_firmware wsa8815 fastconnect_6200_firmware qca6430_firmware wcd9380 video_collaboration_vc3_platform wsa8830 wsa8815_firmware fastconnect_6200 wsa8830_firmware wcn3620 fastconnect_6900_firmware qcs6490 qcs6490_firmware sc8180x-acaf_firmware sc8380xp aqt1000 fastconnect_6800_firmware wcd9385 wsa8840_firmware wcn3660b_firmware wsa8835_firmware wcd9370_firmware Snapdragon

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CVE-2024-45542

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 30.29%

7 Day CHG+0.08%

Published-06 Jan, 2025 | 10:33

Updated-11 Aug, 2025 | 15:06

Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Vendor-Qualcomm Technologies, Inc.

Product-wsa8845_firmware qcc2076_firmware wsa8840 wcd9370 sc8180xp-aaab_firmware wcd9340_firmware wcd9385 sc8380xp wcd9341_firmware qca1064 qcn7606 snapdragon_7c_compute_platform_firmware qcn7605_firmware snapdragon_7c\+_gen_3_compute_firmware qcc2073_firmware fastconnect_6700 qca1064_firmware qca6420 sc8180xp-ad sc8280xp-abbb snapdragon_7c_gen_2_compute_platform_firmware qca6430 wsa8815_firmware wcd9370_firmware sc8180xp-ad_firmware qcn7605 qcc2076 qcm6490_firmware sc8180xp-aaab qcn7606_firmware qca6595au wcd9340 wcd9341 qcm6490 wsa8810_firmware wsa8845h_firmware qca2062 qca6420_firmware aqt1000_firmware qcs6490_firmware sc8180xp-acaf qca2064_firmware snapdragon_7c\+_gen_3_compute wsa8835 qca6595au_firmware qca6391_firmware wsa8840_firmware qca2066_firmware qca6430_firmware fastconnect_6800_firmware qcs5430 wsa8845h wcd9380_firmware qcm5430 sm6250_firmware sc8180x-ad_firmware qcm5430_firmware sc8180x-acaf wsa8815 wsa8830 sc8180x\+sdx55_firmware qca2062_firmware qcc2073 sc8380xp_firmware qca2065 fastconnect_6800 qca1062 fastconnect_7800_firmware fastconnect_6900 wcd9375_firmware qca6391 qcs5430_firmware sc8180x\+sdx55 snapdragon_7c_gen_2_compute_platform wcd9385_firmware sm6250 fastconnect_6900_firmware wcd9380 qca1062_firmware fastconnect_6200 sc8280xp-abbb_firmware fastconnect_7800 sc8180x-acaf_firmware wcd9375 snapdragon_7c_compute_platform wsa8845 fastconnect_6700_firmware video_collaboration_vc3_platform_firmware qca2064 sc8180x-ad sc8180x-aaab wsa8810 sc8180x-aaab_firmware wsa8835_firmware qca2066 qcs6490 sc8180xp-acaf_firmware fastconnect_6200_firmware qca2065_firmware wsa8830_firmware video_collaboration_vc3_platform aqt1000 Snapdragon

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-45541

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 30.29%

7 Day CHG+0.08%

Published-06 Jan, 2025 | 10:33

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Windows Host

Memory corruption when IOCTL call is invoked from user-space to read board data.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-43053

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 23.88%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:29

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800 qca2062_firmware qca2066 wcd9380_firmware sdm429w wsa8840_firmware fastconnect_6900 fastconnect_6900_firmware sc8380xp_firmware wsa8840 sdm429w_firmware fastconnect_6700_firmware snapdragon_7c\+_gen_3_compute wcd9380 fastconnect_7800_firmware wsa8845h fastconnect_6700 qca2064_firmware qca2062 wcd9385 qca2066_firmware qca2065_firmware qcc2076_firmware wcd9385_firmware wsa8845 snapdragon_429_mobile_platform qcc2073_firmware qca2064 wcn3660b qca2065 qcc2076 wsa8845_firmware wcn3620_firmware snapdragon_7c\+_gen_3_compute_firmware wcn3660b_firmware sc8380xp snapdragon_429_mobile_platform_firmware wcn3620 wsa8845h_firmware qcc2073 Snapdragon qca2062_firmware wcd9380_firmware qca2066_firmware qca2065_firmware qcc2076_firmware wsa8840_firmware wcd9385_firmware fastconnect_6900_firmware qcc2073_firmware sc8380xp_firmware wsa8845_firmware wcn3620_firmware sdm429w_firmware fastconnect_6700_firmware wcn3660b_firmware snapdragon_429_mobile_platform_firmware fastconnect_7800_firmware wsa8845h_firmware qca2064_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-43050

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 23.88%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:28

Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-43049

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 23.88%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:28

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800 wcd9380_firmware wsa8830 sdm429w wsa8840_firmware fastconnect_6900 fastconnect_6900_firmware sc8380xp_firmware qcc2073 wsa8835 wsa8840 sdm429w_firmware fastconnect_6700_firmware snapdragon_7c\+_gen_3_compute wcd9380 fastconnect_7800_firmware wsa8845h fastconnect_6700 snapdragon_8cx_gen_3_compute_platform wcd9385 qcc2076_firmware wcd9385_firmware wsa8845 qcc2073_firmware wcn3660b wsa8830_firmware qcc2076 wsa8845_firmware wcn3620_firmware snapdragon_7c\+_gen_3_compute_firmware wcn3660b_firmware wsa8835_firmware sc8380xp snapdragon_429_mobile_platform_firmware wcn3620 wsa8845h_firmware snapdragon_429_mobile_platform snapdragon_8cx_gen_3_compute_platform_firmware Snapdragon wcd9380_firmware qcc2076_firmware wsa8840_firmware wcd9385_firmware fastconnect_6900_firmware qcc2073_firmware sc8380xp_firmware wsa8830_firmware wsa8845_firmware wcn3620_firmware sdm429w_firmware fastconnect_6700_firmware wcn3660b_firmware wsa8835_firmware snapdragon_429_mobile_platform_firmware fastconnect_7800_firmware wsa8845h_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-33056

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.09% / 25.56%

7 Day CHG+0.01%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:25

Buffer Over-read in MProc

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33044

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.02% / 4.23%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:23

Improper Validation of Array Index in Hypervisor

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2024-38422

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.20% / 41.84%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-07 Nov, 2024 | 19:45

Integer Overflow to Buffer Overflow in Audio

Memory corruption while processing voice packet with arbitrary data received from ADSP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-680

Integer Overflow to Buffer Overflow

CVE-2024-38415

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.18% / 39.72%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-07 Nov, 2024 | 19:41

Use After Free in Computer Vision

Memory corruption while handling session errors from firmware.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2024-38408

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.44% / 62.83%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-08 Nov, 2024 | 15:07

Cryptographic Issues in BT Controller

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-310

Not Available

CVE-2024-38407

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 30.74%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-16 Nov, 2024 | 04:55

Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CVE-2024-38406

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 30.74%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-16 Nov, 2024 | 04:55

Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while handling IOCTL calls in JPEG Encoder driver.

Vendor-Qualcomm Technologies, Inc.

Product-wsa8830 wcd9380_firmware snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"sdm429w snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)_firmware snapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmware fastconnect_6800 snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"wsa8840 wsa8835 sdm429w_firmware snapdragon_7c\+_gen_3_compute sc8180x\+sdx55 wcd9380 qca6420_firmware fastconnect_6700 video_collaboration_vc3_platform wcd9370 snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"qcm5430_firmware video_collaboration_vc3_platform_firmware snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"_firmware qca6430_firmware snapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)_firmware wcd9385_firmware wsa8845 snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)fastconnect_6200 wcd9340_firmware wcn3660b wsa8815 wsa8845_firmware snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"wcn3660b_firmware snapdragon_429_mobile_platform_firmware sc8380xp fastconnect_6200_firmware wsa8845h_firmware wcd9375_firmware qca6391 qca6420 snapdragon_429_mobile_platform fastconnect_7800 snapdragon_7c_compute_platform_firmware aqt1000_firmware qcs6490 qcm6490_firmware wsa8840_firmware snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)fastconnect_6900 fastconnect_6900_firmware sc8380xp_firmware snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"_firmware qca6430 sm6250 wcd9340 fastconnect_6700_firmware wsa8810_firmware wcd9341_firmware fastconnect_7800_firmware wsa8810 wsa8845h qcm5430 qcs5430 wcd9385 wcd9341 snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"_firmware snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmware qcs5430_firmware qca6391_firmware wcd9375 wcd9370_firmware aqt1000 snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"_firmware sm6250_firmware sc8180x\+sdx55_firmware wsa8830_firmware wcn3620_firmware snapdragon_7c\+_gen_3_compute_firmware wsa8815_firmware qcm6490 wsa8835_firmware wcn3620 snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmware fastconnect_6800_firmware snapdragon_7c_compute_platform Snapdragon aqt1000_firmware wcd9380_firmware qcm6490_firmware wsa8840_firmware fastconnect_6900_firmware sc8380xp_firmware sdm429w_firmware fastconnect_6700_firmware wsa8810_firmware wcd9341_firmware fastconnect_7800_firmware qca6420_firmware qcm5430_firmware qca6430_firmware qcs6490_firmware qcs5430_firmware qualcomm_video_collaboration_vc3_platform_firmware qca6391_firmware wcd9385_firmware wcd9370_firmware wcd9340_firmware sm6250_firmware wsa8830_firmware wsa8845_firmware wcn3620_firmware wsa8815_firmware wcn3660b_firmware wsa8835_firmware snapdragon_429_mobile_platform_firmware fastconnect_6200_firmware wcd9375_firmware wsa8845h_firmware fastconnect_6800_firmware

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CVE-2024-33065

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 18.84%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-31 Dec, 2025 | 01:04

Improper Input Validation in Camera

Memory corruption while taking snapshot when an offset variable is set by camera driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-38402

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.66% / 70.73%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Use After Free in DSP Services

Memory corruption while processing IOCTL call for getting group info.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2024-33060

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.21% / 42.41%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Use After Free in DSP Service

Memory corruption when two threads try to map and unmap a single node simultaneously.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2024-33052

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 29.67%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host

Memory corruption when user provides data for FM HCI command control operations.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-33051

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.21% / 43.71%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Firmware

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2024-33045

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.11% / 29.67%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Return of Stack Variable Address in Buses

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-562

Return of Stack Variable Address

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-33043

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.11% / 28.98%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-20 Dec, 2024 | 14:33

Buffer Over-read in FM Host

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33016

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-6.8||MEDIUM

EPSS-0.12% / 30.38%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-03 Oct, 2025 | 18:37

Improper Restriction of Operations within the Bounds of a Memory Buffer in Storage

memory corruption when an invalid firehose patch command is invoked.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23364

Assigner-Qualcomm, Inc.

View Details

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.23% / 45.21%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-03 Oct, 2025 | 18:37

Buffer Over-read in WLAN Firmware

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).

Vendor-Qualcomm Technologies, Inc.