Qualcomm: Security Vulnerabilities
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-12-02
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
Information disclosure due to uninitialized variable.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
Information disclosure possible while audio playback.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
Crafted Binder Request Causes Heap UAF in MediaServer
CVSS Score
7.8
EPSS Score
0.0
Published
2024-11-26
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
Initial xbl_sec revision does not have all the debug policy features and critical checks.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-11-26
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26