📦 Snapdragon 870 5g Mobile Firmware
by Qualcomm
🔍 What is Snapdragon 870 5g Mobile Firmware?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows a rogue LTE base station to bypass authentication during network attachment, enabling man-in-the-middle attacks. It affects mobile devices with Qualcomm chipsets that handle ...
This vulnerability allows memory corruption in Qualcomm's TrustZone Secure OS during Tunnel Invoke Manager initialization. Attackers could potentially execute arbitrary code in the secure execution en...
CVE-2023-28578 is a memory corruption vulnerability in Qualcomm Core Services that occurs when removing a single event listener. This allows attackers to potentially execute arbitrary code or cause de...
This vulnerability allows a denial-of-service (DoS) condition in Qualcomm wireless LAN (WLAN) chipsets when processing vendor-specific information elements in BTM (BSS Transition Management) request f...
This vulnerability allows information disclosure when a User Equipment (UE) device receives RTP packets from the network. It affects mobile devices with Qualcomm chipsets that process RTP traffic. Att...
This cryptographic vulnerability in Qualcomm chipsets allows improper handling of cryptographic API calls, potentially leading to key corruption or IV reuse. This affects devices using vulnerable Qual...
This vulnerability allows memory corruption when retrieving CBOR data from a Trusted Application (TA) in Qualcomm components. Attackers could potentially execute arbitrary code or cause denial of serv...
This vulnerability involves memory corruption during the FRS UDS generation process in Qualcomm components, potentially allowing attackers to execute arbitrary code or cause denial of service. It affe...
This CVE describes a memory corruption vulnerability in Qualcomm's secure file reading functionality. Attackers could exploit this to execute arbitrary code or cause denial of service. The vulnerabili...
This CVE describes a memory corruption vulnerability in Qualcomm components where incorrect API restrictions allow memory mapping into protected VM address space. Attackers could exploit this to execu...
CVE-2024-45564 is a use-after-free vulnerability in Qualcomm server components where concurrent access to server info objects can cause memory corruption due to incorrect reference count updates. This...
This CVE describes a use-after-free vulnerability in Qualcomm components where concurrent buffer access leads to memory corruption when reference counts are improperly modified. Attackers could potent...
This vulnerability allows attackers to read sensitive memory contents when parsing malformed OCI (Oracle Call Interface) information elements with invalid length fields. It affects systems using Qualc...
This vulnerability allows memory corruption when configuring a hypervisor-based input virtual device, potentially enabling arbitrary code execution or system compromise. It affects systems using Qualc...
This vulnerability allows memory corruption through improper handling of memory map information in IOCTL calls. Attackers could potentially execute arbitrary code or cause denial of service. This affe...
This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm's memory management subsystem that allows attackers to corrupt memory while maintaining memory maps of HLOS (High-Level Operatin...
This vulnerability allows memory corruption when two threads simultaneously map and unmap a single node in Qualcomm components. Successful exploitation could lead to arbitrary code execution or system...
This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted beacon or probe response frames to affected Wi-Fi devices. The issue occurs during parsi...
CVE-2024-21476 is a memory corruption vulnerability in Qualcomm components where improper validation of user-supplied channel IDs can lead to arbitrary code execution. This affects devices using vulne...
This vulnerability allows memory corruption during cryptographic key pair generation when verifying serialized headers. It affects systems using Qualcomm components that handle key generation, potenti...
This vulnerability allows attackers to cause a denial-of-service condition in IKEv2 implementations by sending malformed fragment packets. It affects systems using Qualcomm's IKEv2 implementation, pot...
CVE-2024-21468 is a use-after-free vulnerability in Qualcomm GPU drivers where failed memory unmapping operations can lead to memory corruption. This allows attackers to potentially execute arbitrary ...
This vulnerability allows a denial-of-service (DoS) attack on 5G NR (New Radio) devices by sending specially crafted SMS messages with non-standard container sizes. It affects mobile devices using Qua...
This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm devices by sending specially crafted DL NAS TRANSPORT messages with zero payload length. It affects mobile ...
This CVE describes a memory corruption vulnerability in Qualcomm's trusted execution environment when processing buffer initialization for certain report types. Attackers could potentially execute arb...
This CVE describes a memory corruption vulnerability in the SPS Application's sorter Trusted Application (TA) when requesting public keys. Successful exploitation could allow attackers to execute arbi...
This vulnerability allows memory corruption when parsing QCP audio files with invalid chunk data sizes. Attackers could potentially execute arbitrary code or cause denial of service by tricking users ...
This vulnerability in Qualcomm's NR (New Radio) DL NAS transport OTA processing allows an attacker to cause a denial-of-service (DoS) by sending specially crafted payload containers with incorrect len...
This vulnerability allows memory corruption in Qualcomm audio drivers when processing RT proxy port register operations. Attackers could potentially execute arbitrary code or cause denial of service o...
This CVE describes a memory corruption vulnerability in the mailbox component of Qualcomm automotive systems. Attackers could potentially execute arbitrary code or cause denial of service by exploitin...
CVE-2024-38416 is an information disclosure vulnerability in Qualcomm audio components that allows attackers to access sensitive memory contents during audio playback. This affects devices using Qualc...
This vulnerability allows attackers to access sensitive information from memory when parsing dts header atoms in video files. It affects devices using Qualcomm chipsets with vulnerable multimedia proc...
This CVE describes a use-after-free vulnerability in Qualcomm components where registering multiple listeners with the same file descriptor can cause memory corruption. This affects devices using Qual...