Vulnerabilities > Qualcomm > Qcs8550 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-33055 | Use After Free vulnerability in Qualcomm products Memory corruption while invoking IOCTL calls to unmap the DMA buffers. | 7.8 |
| 2025-01-06 | CVE-2024-33059 | Use After Free vulnerability in Qualcomm products Memory corruption while processing frame command IOCTL calls. | 7.8 |
| 2025-01-06 | CVE-2024-33061 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process. | 5.5 |
| 2025-01-06 | CVE-2024-45553 | Use After Free vulnerability in Qualcomm products Memory corruption can occur when process-specific maps are added to the global list. | 7.8 |
| 2025-01-06 | CVE-2024-45558 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | 7.5 |
| 2024-12-02 | CVE-2024-33044 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | 7.8 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-12-02 | CVE-2024-33063 | Integer Overflow or Wraparound vulnerability in Qualcomm products Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. | 7.5 |
| 2024-12-02 | CVE-2024-43052 | Unspecified vulnerability in Qualcomm products Memory corruption while processing API calls to NPU with invalid input. | 7.8 |
| 2024-11-04 | CVE-2024-23377 | Unspecified vulnerability in Qualcomm products Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver. | 6.7 |