Qualcomm Security Vulnerabilities (CVEs)

This vulnerability allows user-space applications to trigger memory corruption through an IOCTL call when reading board data. It affects systems using...

This CVE describes a denial-of-service vulnerability in Qualcomm System Memory Management Unit (SMMU) where uncontrolled resource consumption occurs w...

This vulnerability allows unauthorized access to mailbox data through the mailbox read API, potentially exposing sensitive information. It affects Qua...

This vulnerability allows information disclosure through improper handling of IOCTL calls in Qualcomm trusted execution environments. Attackers can po...

This vulnerability allows attackers to cause memory corruption by making specific IOCTL calls to unmap DMA buffers in Qualcomm components. It affects ...

This CVE describes an information disclosure vulnerability in Qualcomm mailbox write API where processing oversized messages can leak sensitive data. ...

This CVE describes a memory corruption vulnerability in Qualcomm's IPA (IP Accelerator) statistics processing when no active clients are registered. S...

This vulnerability allows memory corruption when user-space applications make IOCTL calls to read WLAN diagnostic information. Attackers could potenti...

This vulnerability allows memory corruption in Qualcomm NPU (Neural Processing Unit) drivers when processing API calls with invalid input. Attackers c...

This vulnerability allows local attackers to cause memory corruption in WLAN drivers by sending specially crafted IOCTL calls. It affects systems with...

This vulnerability allows local attackers to cause memory corruption in WLAN drivers by sending specially crafted IOCTL calls. It affects devices usin...

This vulnerability allows memory corruption when invalid input is passed to the GPU Headroom API call in Qualcomm components. Attackers could potentia...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted beacon frames with malformed Multi-Lin...

CVE-2024-33056 is a memory corruption vulnerability in Qualcomm's Shared Memory (SMEM) subsystem that allows attackers to potentially execute arbitrar...

CVE-2024-33053 is a use-after-free vulnerability in Qualcomm's CVP buffer management that allows memory corruption when multiple threads simultaneousl...

This vulnerability allows memory corruption when configuring SMR/S2CR registers in Bypass mode on Qualcomm chipsets. Attackers could potentially execu...

This vulnerability allows memory corruption when a PAL client passes random values as handles to PAL service APIs without proper validation. It affect...

This CVE describes a memory corruption vulnerability in Qualcomm camera drivers where a user-space variable is used for kernel memory allocation, pote...

CVE-2018-11816 is a use-after-free vulnerability in Android's MediaServer component that allows attackers to execute arbitrary code with elevated priv...

CVE-2017-18306 is an information disclosure vulnerability in Qualcomm components that allows attackers to read uninitialized memory due to improper va...

CVE-2017-9711 is a privilege escalation vulnerability in Qualcomm components where unprivileged processes can perform IOCTL calls that should be restr...

This vulnerability allows memory corruption during GPU page table switching in Qualcomm GPU drivers. Attackers could potentially execute arbitrary cod...

This vulnerability allows memory corruption while processing GPU commands in Qualcomm hardware, potentially enabling attackers to execute arbitrary co...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm firmware that occurs when handling session errors. An attacker could exploit t...

This CVE describes a memory corruption vulnerability in Qualcomm's station LL statistic handling that could allow attackers to execute arbitrary code ...

This vulnerability allows memory corruption in the Qualcomm JPEG Encoder driver when processing IOCTL input parameters. Attackers could exploit this t...

This vulnerability allows attackers to cause a Denial of Service (DoS) condition by sending specially crafted Radio Resource Control (RRC) messages co...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted MBSSID Information Element fragments i...

This CVE describes a memory corruption vulnerability in Qualcomm components where asynchronous modification of shared memory by user applications whil...

This CVE describes a memory corruption vulnerability in Qualcomm's IPC frequency table parameter parsing for LPLH (likely Low Power Low Hardware). Whe...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in mobile devices by sending specially crafted MAC RAR messages with ...

This vulnerability allows memory corruption in Qualcomm EVA drivers when user-space applications modify packet sizes after system properties have been...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm's memory management subsystem that allows attackers to corrupt memory while ma...

This vulnerability allows memory corruption through specially crafted user packets that trigger page faults in Qualcomm components. Attackers could po...

This vulnerability allows attackers to read sensitive information from Wi-Fi chipsets when parsing Multi-Link Device (MLD) information elements. It af...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted beacon or probe response frames contai...

This vulnerability allows memory corruption in Qualcomm camera drivers when taking snapshots with specific offset variables. Attackers could potential...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted beacon frames with specific Extension ...

This vulnerability allows memory corruption through IOCTL calls to the MSM module during audio operations on Qualcomm devices. Attackers could potenti...

This CVE describes a memory corruption vulnerability in Qualcomm network scanning functionality that could allow an attacker to execute arbitrary code...

This vulnerability allows memory corruption when two processes concurrently create and destroy the same HAB virtual channel via IOCTL calls. It affect...

This vulnerability allows memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a Qualcomm driver. Attackers ...

This vulnerability allows attackers to cause memory corruption through a specific IOCTL call for group information retrieval. Successful exploitation ...

This vulnerability allows memory corruption when two threads simultaneously map and unmap a single node in Qualcomm components. Successful exploitatio...

This vulnerability allows memory corruption during the handshake process between Primary and Trusted Virtual Machines in Qualcomm platforms. Attackers...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition in affected Wi-Fi systems by sending specially crafted beacon frame...