Vulnerabilities > Qualcomm > Wcd9380 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-08-05 CVE-2024-33023 Use After Free vulnerability in Qualcomm products
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
local
low complexity
qualcomm CWE-416
7.8
2024-08-05 CVE-2024-33024 Integer Overflow or Wraparound vulnerability in Qualcomm products
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
network
low complexity
qualcomm CWE-190
7.5
2024-08-05 CVE-2024-33025 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
network
low complexity
qualcomm CWE-125
7.5
2024-08-05 CVE-2024-33026 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
network
low complexity
qualcomm CWE-125
7.5
2024-08-05 CVE-2024-33027 Unspecified vulnerability in Qualcomm products
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
local
low complexity
qualcomm
7.8
2024-08-05 CVE-2024-33028 Use After Free vulnerability in Qualcomm products
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
local
low complexity
qualcomm CWE-416
7.8
2024-08-05 CVE-2024-33034 Use After Free vulnerability in Qualcomm products
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
local
low complexity
qualcomm CWE-416
7.8
2024-07-01 CVE-2023-43554 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while processing IOCTL handler in FastRPC.
local
low complexity
qualcomm CWE-787
7.8
2024-07-01 CVE-2024-21460 Use of Insufficiently Random Values vulnerability in Qualcomm products
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
local
low complexity
qualcomm CWE-330
6.5
2024-07-01 CVE-2024-21461 Double Free vulnerability in Qualcomm products
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
local
low complexity
qualcomm CWE-415
7.8