Vulnerabilities > Qualcomm > Snapdragon XR2 5G Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it.
local
high complexity
qualcomm CWE-367
7.0
2023-08-08 CVE-2023-28577 Use After Free vulnerability in Qualcomm products
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used.
local
low complexity
qualcomm CWE-416
7.8
2023-07-04 CVE-2023-21633 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-21635 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-21637 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Linux while calling system configuration APIs.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-21638 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
local
low complexity
qualcomm CWE-704
7.8
2023-07-04 CVE-2023-21672 Use After Free vulnerability in Qualcomm products
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.
local
low complexity
qualcomm CWE-416
7.8
2023-07-04 CVE-2023-22386 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-22387 Unspecified vulnerability in Qualcomm products
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
local
low complexity
qualcomm
7.8
2023-07-04 CVE-2023-22667 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory Corruption in Audio while allocating the ion buffer during the music playback.
local
low complexity
qualcomm CWE-190
7.8