Vulnerabilities > Qualcomm > Snapdragon 8 GEN 1 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2023-33016 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
network
low complexity
qualcomm CWE-125
7.5
2023-09-05 CVE-2023-33021 Use After Free vulnerability in Qualcomm products
Memory corruption in Graphics while processing user packets for command submission.
local
low complexity
qualcomm CWE-416
7.8
2023-08-08 CVE-2023-28575 Type Confusion vulnerability in Qualcomm products
The cam_get_device_priv function does not check the type of handle being returned (device/session/link).
local
low complexity
qualcomm CWE-843
7.8
2023-08-08 CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it.
local
high complexity
qualcomm CWE-367
7.0
2023-08-08 CVE-2023-28577 Use After Free vulnerability in Qualcomm products
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used.
local
low complexity
qualcomm CWE-416
7.8
2023-07-04 CVE-2023-21629 Double Free vulnerability in Qualcomm products
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
low complexity
qualcomm CWE-415
6.8
2023-07-04 CVE-2023-21631 Unspecified vulnerability in Qualcomm products
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
network
low complexity
qualcomm
critical
9.8
2023-07-04 CVE-2023-21638 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
local
low complexity
qualcomm CWE-704
7.8
2023-07-04 CVE-2023-21640 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-21641 Unspecified vulnerability in Qualcomm products
An app with non-privileged access can change global system brightness and cause undesired system behavior.
local
low complexity
qualcomm
7.8