
CVE-2024-53014 – Improper Validation of Array Index in Audio
https://notcve.org/view.php?id=CVE-2024-53014
03 Mar 2025 — Memory corruption may occur while validating ports and channels in Audio driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html • CWE-129: Improper Validation of Array Index •

CVE-2024-43056 – Buffer Over-read in Hypervisor
https://notcve.org/view.php?id=CVE-2024-43056
03 Mar 2025 — Transient DOS during hypervisor virtual I/O operation in a virtual machine. • https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html • CWE-126: Buffer Over-read •

CVE-2024-43051 – Improper Authorization in SPS-HLOS
https://notcve.org/view.php?id=CVE-2024-43051
03 Mar 2025 — Information disclosure while deriving keys for a session for any Widevine use case. • https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html • CWE-285: Improper Authorization •

CVE-2024-38426 – Improper Authentication in Modem
https://notcve.org/view.php?id=CVE-2024-38426
03 Mar 2025 — While processing the authentication message in UE, improper authentication may lead to information disclosure. • https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html • CWE-287: Improper Authentication •

CVE-2024-49838 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-49838
03 Feb 2025 — Information disclosure while parsing the OCI IE with invalid length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •

CVE-2024-49834 – Improper Validation of Array Index in Camera
https://notcve.org/view.php?id=CVE-2024-49834
03 Feb 2025 — Memory corruption while power-up or power-down sequence of the camera sensor. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •

CVE-2024-45584 – Untrusted Pointer Dereference in Automotive Android OS
https://notcve.org/view.php?id=CVE-2024-45584
03 Feb 2025 — Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-822: Untrusted Pointer Dereference •

CVE-2024-38420 – Improper Input Validation in Hypervisor
https://notcve.org/view.php?id=CVE-2024-38420
03 Feb 2025 — Memory corruption while configuring a Hypervisor based input virtual device. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-20: Improper Input Validation •

CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •

CVE-2024-43052 – Improper Input Validation in Video Analytics and Processing
https://notcve.org/view.php?id=CVE-2024-43052
02 Dec 2024 — Memory corruption while processing API calls to NPU with invalid input. Corrupción de memoria al procesar llamadas API a NPU con entrada no válida. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-20: Improper Input Validation •