Vulnerabilities > Qualcomm > Snapdragon X65 5G Modem RF System Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-21461 Double Free vulnerability in Qualcomm products
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
local
low complexity
qualcomm CWE-415
7.8
2024-07-01 CVE-2024-21465 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption while processing key blob passed by the user.
local
low complexity
qualcomm CWE-125
7.8
2024-07-01 CVE-2024-21469 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
local
low complexity
qualcomm CWE-787
7.8
2024-07-01 CVE-2024-21482 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.
local
low complexity
qualcomm CWE-119
7.8
2024-07-01 CVE-2024-23373 Use After Free vulnerability in Qualcomm products
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
local
low complexity
qualcomm CWE-416
7.8
2024-02-06 CVE-2023-33072 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in Core while processing control functions.
local
low complexity
qualcomm CWE-120
7.8
2024-02-06 CVE-2023-33076 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
local
low complexity
qualcomm CWE-787
7.8
2024-02-06 CVE-2023-33046 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
local
high complexity
qualcomm CWE-367
7.0
2024-01-02 CVE-2023-33030 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in HLOS while running playready use-case.
local
low complexity
qualcomm CWE-787
7.8
2024-01-02 CVE-2023-33033 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Audio during playback with speaker protection.
local
low complexity
qualcomm CWE-787
7.8