Qualcomm Security Vulnerabilities (CVEs)

This vulnerability allows memory corruption in Qualcomm chipsets when Trusted Execution Environment (TEE) components process untrusted memory addresse...

This vulnerability allows information disclosure during video calls when a device receives a malformed RTCP packet that doesn't conform to RFC standar...

This vulnerability allows unauthorized information disclosure when creating MQ channels in affected Qualcomm products. Attackers can potentially acces...

This vulnerability allows memory corruption through improper handling of IOCTL calls when adding route entries in Qualcomm hardware. Attackers could p...

This vulnerability allows memory corruption through improper handling of IOCTL map buffer requests from userspace. Attackers could potentially execute...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm components that occurs during file descriptor handling in listener registratio...

This vulnerability allows attackers to execute arbitrary code or cause denial of service by exploiting memory corruption in IOCTL handling. It affects...

This CVE describes a memory corruption vulnerability in Qualcomm's ADSP (Audio Digital Signal Processor) when handling memory allocation from the HLOS...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm NPU driver APIs that can be triggered through concurrent calls, leading to mem...

This vulnerability allows memory corruption in Qualcomm components when a malicious user provides a kernel address instead of a valid user buffer addr...

This vulnerability allows a malicious guest virtual machine to cause memory corruption in the host system by manipulating type values in a controlled ...

This vulnerability allows a malicious guest virtual machine to trigger memory corruption in the host system by providing specially crafted buffer data...

This vulnerability in Qualcomm components allows a denial-of-service attack when processing country information elements. It affects devices using Qua...

This CVE describes a memory corruption vulnerability in Qualcomm display drivers that occurs when detaching a device. Successful exploitation could al...

This vulnerability involves memory corruption during communication between primary and guest virtual machines in Qualcomm platforms, potentially allow...

This vulnerability allows memory corruption through improper input validation in clock device drivers on Qualcomm chipsets. Attackers could potentiall...

This CVE describes a memory corruption vulnerability in Qualcomm camera frame processing pipeline synchronization. Attackers could potentially execute...

This CVE describes a memory corruption vulnerability in Qualcomm components caused by missing locks and improper synchronization on DMA fences. Attack...

This CVE describes a memory corruption vulnerability in Qualcomm's voice activation system when sound model parameters are transferred from the HLOS (...

CVE-2024-43057 is a use-after-free vulnerability in the Glink Linux driver that allows memory corruption when processing commands. This could enable l...

This CVE describes a memory corruption vulnerability in Qualcomm camera drivers when processing IOCTL calls. Attackers could exploit this to execute a...

This vulnerability in Qualcomm UE (User Equipment) authentication processing allows improper authentication that could lead to information disclosure....

This vulnerability allows memory corruption through improper input validation when processing IOCTL calls related to GPU AHB bus error handling. Attac...

This vulnerability allows memory corruption when user-space applications make IOCTL calls to validate FIPS encryption/decryption functionality. Attack...

This vulnerability allows memory corruption during Wi-Fi management frame processing due to a mismatch in T2LM (Target Wake Time Link Management) info...

This vulnerability allows attackers to read sensitive memory contents when parsing malformed OCI (Oracle Call Interface) information elements with inv...

This vulnerability allows memory corruption during guest virtual machine suspend operations in Qualcomm hypervisors. Attackers could potentially execu...

This vulnerability involves memory corruption during camera sensor power-up or power-down sequences on Qualcomm devices. It could allow attackers to e...

This vulnerability allows memory corruption in Qualcomm camera components when an invalid CID (Camera ID) is used. Attackers could potentially execute...

This vulnerability allows memory corruption when userspace makes a compat IOCTL call followed by a normal IOCTL call, potentially leading to privilege...

This CVE describes a memory corruption vulnerability in the Camera kernel driver when validating the number of devices. Successful exploitation could ...

This vulnerability allows memory corruption through negative indexing of display ID during test pattern generation. It affects systems using Qualcomm ...

This vulnerability allows memory corruption when handling IOCTL calls from user-space to set latency levels in Qualcomm components. Attackers could po...

This CVE describes a memory corruption vulnerability in Qualcomm hardware encoders when taking snapshots due to unvalidated userspace buffers. Attacke...

This vulnerability allows memory corruption when configuring a hypervisor-based input virtual device, potentially enabling arbitrary code execution or...

This vulnerability allows memory corruption through improper handling of memory map information in IOCTL calls. Attackers could potentially execute ar...

CVE-2024-38416 is an information disclosure vulnerability in Qualcomm audio components that allows attackers to access sensitive memory contents durin...

This vulnerability allows memory corruption while processing frame packets in Qualcomm components, potentially enabling attackers to execute arbitrary...

This CVE describes a memory corruption vulnerability in Qualcomm components where improper validation of user-space buffers during IOCTL calls allows ...

This vulnerability in Qualcomm modems allows a transient denial-of-service (DoS) condition when the device receives a registration accept message with...

This vulnerability allows a denial-of-service (DoS) condition in Qualcomm's GVM (Guest Virtual Machine) when it sends a specific message type to the V...

This vulnerability in Qualcomm Wi-Fi drivers allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted packets. The d...

This vulnerability allows attackers to bypass boot verification by overwriting an already verified IFS2 image, enabling injection of unauthorized prog...

This CVE describes a use-after-free vulnerability in Qualcomm components where memory corruption can occur when process-specific maps are improperly h...

This vulnerability allows memory corruption through IOCTL calls to the MCDM driver, potentially leading to privilege escalation or system compromise. ...

This vulnerability allows attackers to cause memory corruption through a specific IOCTL call related to FIPS encryption/decryption validation. It affe...

This vulnerability allows memory corruption through a specific IOCTL call when processing FIPS encryption/decryption verification in Qualcomm componen...

This vulnerability allows memory corruption when processing FIPS encryption/decryption IOCTL calls from user-space in Qualcomm components. Attackers c...

This vulnerability allows memory corruption when a user-space application makes a specific IOCTL call to write board data to the WLAN driver. Attacker...