Qualcomm: Security Vulnerabilities
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-11-26
Information disclosure due to uninitialized variable.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
Information disclosure possible while audio playback.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
Crafted Binder Request Causes Heap UAF in MediaServer
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-26
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
Initial xbl_sec revision does not have all the debug policy features and critical checks.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-11-26
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
CVSS Score
8.4
EPSS Score
0.001
Published
2024-11-26
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-11-26