Vulnerabilities > Qualcomm > Sw5100 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-02 | CVE-2024-33036 | Use of Out-of-range Pointer Offset vulnerability in Qualcomm products Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | 6.7 |
| 2024-12-02 | CVE-2024-33037 | Buffer Over-read vulnerability in Qualcomm products Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | 6.1 |
| 2024-12-02 | CVE-2024-33039 | Untrusted Pointer Dereference vulnerability in Qualcomm products Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service. | 6.7 |
| 2024-12-02 | CVE-2024-33040 | Unspecified vulnerability in Qualcomm products Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. | 7.0 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-11-04 | CVE-2024-33032 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. | 6.7 |
| 2024-11-04 | CVE-2024-38408 | Unspecified vulnerability in Qualcomm products Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. | 9.1 |
| 2024-11-04 | CVE-2024-38415 | Use After Free vulnerability in Qualcomm products Memory corruption while handling session errors from firmware. | 7.8 |
| 2024-11-04 | CVE-2024-38419 | Use After Free vulnerability in Qualcomm products Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. | 7.8 |
| 2024-11-04 | CVE-2024-38421 | Use After Free vulnerability in Qualcomm products Memory corruption while processing GPU commands. | 7.8 |