CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-38412 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38412
03 Feb 2025 — Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 1CVE-2024-38411 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38411
03 Feb 2025 — Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. In the function msm_cvp_map_buf_wncc (reachable from the EVA_KMD_REGISTER_BUFFER ioctl), after cbuf is created and fully initialized, it is unconditionally added to the linked list inst->cvpwnccbufs.list. msm_cvp_map_buf_wncc then tries to add an entry for the buffer to inst->cvpwnccbufs_table. This can fail if there are already 2400 entries in the table, in which case it is necessary to unwind all initialization... • https://packetstorm.news/files/id/189612 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38404 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-38404
03 Feb 2025 — Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-45558 – Buffer Over-read in WLAN Host Cmn
https://notcve.org/view.php?id=CVE-2024-45558
06 Jan 2025 — Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45555 – Integer Overflow to Buffer Overflow in Automotive OS Platform
https://notcve.org/view.php?id=CVE-2024-45555
06 Jan 2025 — Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45553 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-45553
06 Jan 2025 — Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45542 – Stack-based Buffer Overflow in WLAN Windows Host
https://notcve.org/view.php?id=CVE-2024-45542
06 Jan 2025 — Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45541 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Windows Host
https://notcve.org/view.php?id=CVE-2024-45541
06 Jan 2025 — Memory corruption when IOCTL call is invoked from user-space to read board data. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43064 – Permissions, Privileges, and Access Controls issue in Automotive OS Platform
https://notcve.org/view.php?id=CVE-2024-43064
06 Jan 2025 — Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •