sdx57m firmware · threatengine.sh

Home/Product/qualcomm sdx57m firmware

Product

qualcomm sdx57m firmware

131 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.

Transient DOS when MAC configures config id greater than supported maximum value.

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

Memory corruption while selecting the PLMN from SOR failed list.

memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.

Cryptographic issue while performing RSA PKCS padding decoding.

Transient DOS while processing CCCH data when NW sends data with invalid length.

Information disclosure while processing the hash segment in an MBN file.

Information disclosure while reading data from an image using specified offset and size parameters.

Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

Memory corruption while operating the mailbox in Automotive.

Memory corruption may occur while attaching VM when the HLOS retains access to VM.

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

There may be information disclosure during memory re-allocation in TZ Secure OS.

Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

While processing the authentication message in UE, improper authentication may lead to information disclosure.

Memory corruption while configuring a Hypervisor based input virtual device.

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

memory corruption when an invalid firehose patch command is invoked.

Cryptographic issue while parsing RSA keys in COBR format.

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

Memory corruption while processing key blob passed by the user.

Transient DOS while loading the TA ELF file.

Memory corruption in Hypervisor when platform information mentioned is not aligned.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

Memory corruption in HLOS while checking for the storage type.

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in

Memory corruption in Core Services while executing the command for removing a single event listener.

Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.

Memory corruption in Core while processing control functions.

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.

Transient DOS in Data Modem during DTLS handshake.

Memory corruption while receiving a message in Bus Socket Transport Server.

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

Memory corruption in Audio during playback with speaker protection.

Memory corruption in HLOS while running playready use-case.

Transient DOS in Data modem while handling TLB control messages from the Network.

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

Transient DOS in Modem after RRC Setup message is received.

Memory corruption while using the UIM diag command to get the operators name.

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

Memory corruption while loading an ELF segment in TEE Kernel.

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

Memory corruption in TZ Secure OS while loading an app ELF.

Memory Corruption in Core due to secure memory access by user while loading modem image.

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

Transient DOS in Modem while allocating DSM items.

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

Improper Access to the VM resource manager can lead to Memory Corruption.

Memory Corruption in Core Platform while printing the response buffer in log.

Memory corruption in Core Platform while printing the response buffer in log.

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from netw

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Information disclosure in Kernel due to indirect branch misprediction.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

information disclosure due to cryptographic issue in Core during RPMB read request.

Assertion occurs while processing Reconfiguration message due to improper validation

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not suppor

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

Memory corruption due to double free in core while initializing the encryption key.

Transient DOS in modem due to reachable assertion.

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Memory corruption due to improper validation of array index in Multi-mode call processor.

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout

Memory corruption in modem due to buffer overflow while processing a PPP packet

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

Denial of service in MODEM due to improper pointer handling

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto,

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapd

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Sn

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor tran

Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdrag

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT,

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon I

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto

Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon In

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device con

Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdrag

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, S

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Sn

Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Comp

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapd

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Au

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Aut

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin