Vulnerabilities > Qualcomm > Snapdragon X35 5G Modem RF System Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-23385 Reachable Assertion vulnerability in Qualcomm products
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
network
low complexity
qualcomm CWE-617
6.5
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1
2024-11-04 CVE-2024-38419 Use After Free vulnerability in Qualcomm products
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
local
low complexity
qualcomm CWE-416
7.8
2024-11-04 CVE-2024-38422 Unspecified vulnerability in Qualcomm products
Memory corruption while processing voice packet with arbitrary data received from ADSP.
local
low complexity
qualcomm
7.8
2024-11-04 CVE-2024-38424 Use After Free vulnerability in Qualcomm products
Memory corruption during GNSS HAL process initialization.
local
low complexity
qualcomm CWE-416
7.8
2024-10-07 CVE-2024-23369 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
local
low complexity
qualcomm CWE-119
7.8
2024-09-02 CVE-2024-33045 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33050 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
network
low complexity
qualcomm CWE-125
7.5
2024-09-02 CVE-2024-33060 Use After Free vulnerability in Qualcomm products
Memory corruption when two threads try to map and unmap a single node simultaneously.
local
low complexity
qualcomm CWE-416
7.8
2024-08-05 CVE-2024-23355 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when keymaster operation imports a shared key.
local
low complexity
qualcomm CWE-787
7.8