Vulnerabilities > Qualcomm > Sa9000P Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2022-22099 Improper Validation of Array Index vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware
Memory corruption in multimedia due to improper validation of array index in Snapdragon Auto
local
low complexity
qualcomm CWE-129
7.8
7.8
2022-09-02 CVE-2022-22100 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
local
low complexity
qualcomm CWE-787
7.8
7.8
2022-09-02 CVE-2022-22101 Resource Exhaustion vulnerability in Qualcomm products
Denial of service in multimedia due to uncontrolled resource consumption while parsing an incoming HAB message in Snapdragon Auto
local
low complexity
qualcomm CWE-400
5.5
5.5
2022-09-02 CVE-2022-22104 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in multimedia due to improper check on the messages received.
local
low complexity
qualcomm CWE-119
7.8
7.8
2022-09-02 CVE-2022-22106 Unspecified vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware
Memory corruption in multimedia due to improper length check while copying the data in Snapdragon Auto
local
low complexity
qualcomm
7.8
7.8
2022-06-14 CVE-2021-35090 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
7.8
7.8
2022-06-14 CVE-2021-35094 Improper Authentication vulnerability in Qualcomm products
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-287
7.8
7.8
2022-06-14 CVE-2021-35101 Reachable Assertion vulnerability in Qualcomm products
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile
local
low complexity
qualcomm CWE-617
6.5
6.5
2022-06-14 CVE-2021-35114 Classic Buffer Overflow vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware
Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto
local
low complexity
qualcomm CWE-120
7.8
7.8
2022-06-14 CVE-2022-22103 Double Free vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware
Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto
local
low complexity
qualcomm CWE-415
7.8
7.8