CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 0CVE-2024-49843 – Improper Validation of Array Index in Graphics_Linux
https://notcve.org/view.php?id=CVE-2024-49843
03 Feb 2025 — Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-49840 – Use of Out-of-range Pointer Offset in WLAN Windows Host
https://notcve.org/view.php?id=CVE-2024-49840
03 Feb 2025 — Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2024-45582 – Improper Validation of Array Index in Camera Driver
https://notcve.org/view.php?id=CVE-2024-45582
03 Feb 2025 — Memory corruption while validating number of devices in Camera kernel . • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2024-38414 – Buffer Over-read in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38414
03 Feb 2025 — Information disclosure while processing information on firmware image during core initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 1CVE-2024-38411 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38411
03 Feb 2025 — Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. In the function msm_cvp_map_buf_wncc (reachable from the EVA_KMD_REGISTER_BUFFER ioctl), after cbuf is created and fully initialized, it is unconditionally added to the linked list inst->cvpwnccbufs.list. msm_cvp_map_buf_wncc then tries to add an entry for the buffer to inst->cvpwnccbufs_table. This can fail if there are already 2400 entries in the table, in which case it is necessary to unwind all initialization... • https://packetstorm.news/files/id/189612 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 58EXPL: 0CVE-2024-33053 – Use After Free in Video
https://notcve.org/view.php?id=CVE-2024-33053
02 Dec 2024 — Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Corrupción de memoria cuando varios subprocesos intentan anular el registro del búfer CVP al mismo tiempo. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 30EXPL: 0CVE-2024-33040 – Use After Free in Camera Driver
https://notcve.org/view.php?id=CVE-2024-33040
02 Dec 2024 — Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. Puede ocurrir corrupción de memoria al invocar el comando de liberación redundante para liberar un búfer del espacio del usuario como condición de ejecución en el espacio del núcleo entre la liberación del búfer y el acceso al búfer. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 53EXPL: 0CVE-2024-33037 – Buffer Over-read in Neural Processing Unit
https://notcve.org/view.php?id=CVE-2024-33037
02 Dec 2024 — Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. La divulgación de información ya que el firmware de la NPU puede enviar un mensaje IPC no válido al controlador de la NPU ya que el controlador no valida el mensaje IPC recibido del firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.7EPSS: 0%CPEs: 54EXPL: 0CVE-2024-33036 – Use of Out-of-range Pointer Offset in Camera Driver
https://notcve.org/view.php?id=CVE-2024-33036
02 Dec 2024 — Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. Corrupción de memoria al analizar paquetes de sensores en el controlador de la cámara, se utiliza una variable de espacio de usuario al asignar memoria en el kernel y analizar, lo que puede generar una asignación enorme o un acceso a memoria no válido. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2024-38405 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-38405
04 Nov 2024 — Transient DOS while processing the CU information from RNR IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •