CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 0CVE-2024-49843 – Improper Validation of Array Index in Graphics_Linux
https://notcve.org/view.php?id=CVE-2024-49843
03 Feb 2025 — Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2024-45582 – Improper Validation of Array Index in Camera Driver
https://notcve.org/view.php?id=CVE-2024-45582
03 Feb 2025 — Memory corruption while validating number of devices in Camera kernel . • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.0EPSS: 0%CPEs: 30EXPL: 0CVE-2024-33040 – Use After Free in Camera Driver
https://notcve.org/view.php?id=CVE-2024-33040
02 Dec 2024 — Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. Puede ocurrir corrupción de memoria al invocar el comando de liberación redundante para liberar un búfer del espacio del usuario como condición de ejecución en el espacio del núcleo entre la liberación del búfer y el acceso al búfer. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 54EXPL: 0CVE-2024-33036 – Use of Out-of-range Pointer Offset in Camera Driver
https://notcve.org/view.php?id=CVE-2024-33036
02 Dec 2024 — Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. Corrupción de memoria al analizar paquetes de sensores en el controlador de la cámara, se utiliza una variable de espacio de usuario al asignar memoria en el kernel y analizar, lo que puede generar una asignación enorme o un acceso a memoria no válido. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 82EXPL: 0CVE-2024-38421 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38421
04 Nov 2024 — Memory corruption while processing GPU commands. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2024-38405 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-38405
04 Nov 2024 — Transient DOS while processing the CU information from RNR IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.7EPSS: 0%CPEs: 22EXPL: 0CVE-2024-33030 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance
https://notcve.org/view.php?id=CVE-2024-33030
04 Nov 2024 — Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 40EXPL: 0CVE-2024-23377 – Use of Out-of-range Pointer Offset in ComputerVision
https://notcve.org/view.php?id=CVE-2024-23377
04 Nov 2024 — Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.4EPSS: 0%CPEs: 42EXPL: 0CVE-2024-38399 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2024-38399
07 Oct 2024 — Memory corruption while processing user packets to generate page faults. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2024-23376 – Use After Free in ComputerVision
https://notcve.org/view.php?id=CVE-2024-23376
07 Oct 2024 — Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •