Qualcomm : Security Vulnerabilities, CVEs, (Gain Privilege)

Memory corruption in Automotive Multimedia due to improper access control in HAB.

Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities.

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).

Cryptographic issue in HLOS during key management.

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Memory Corruption in Core due to secure memory access by user while loading modem image.

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.

Improper Access to the VM resource manager can lead to Memory Corruption.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Memory corruption in HAB Memory management due to broad system privileges via physical address.

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

Memory corruption in Automotive Android OS due to improper validation of array index.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Transient DOS due to improper authorization in Modem

Memory corruption due to improper access control in Qualcomm IPC.

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking