Vulnerabilities > Qualcomm > Snapdragon X55 5G Modem RF System Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-06 | CVE-2024-45562 | Use After Free vulnerability in Qualcomm products Memory corruption during concurrent access to server info object due to unprotected critical field. | 7.8 |
| 2025-05-06 | CVE-2024-45564 | Use After Free vulnerability in Qualcomm products Memory corruption during concurrent access to server info object due to incorrect reference count update. | 7.8 |
| 2025-05-06 | CVE-2024-45566 | Use After Free vulnerability in Qualcomm products Memory corruption during concurrent buffer access due to modification of the reference count. | 7.8 |
| 2025-05-06 | CVE-2024-45570 | Use of Out-of-range Pointer Offset vulnerability in Qualcomm products Memory corruption may occur during IO configuration processing when the IO port count is invalid. | 7.8 |
| 2024-12-02 | CVE-2024-33036 | Use of Out-of-range Pointer Offset vulnerability in Qualcomm products Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | 6.7 |
| 2024-12-02 | CVE-2024-33037 | Buffer Over-read vulnerability in Qualcomm products Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | 6.1 |
| 2024-12-02 | CVE-2024-33040 | Unspecified vulnerability in Qualcomm products Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. | 7.0 |
| 2024-12-02 | CVE-2024-33044 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | 7.8 |
| 2024-12-02 | CVE-2024-33053 | Use After Free vulnerability in Qualcomm products Memory corruption when multiple threads try to unregister the CVP buffer at the same time. | 6.7 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |