sm7325 firmware · threatengine.sh

Home/Product/qualcomm sm7325 firmware

Product

qualcomm sm7325 firmware

105 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption in Audio while running invalid audio recording from ADSP.

Memory corruption in DSP Services during a remote call from HLOS to DSP.

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Transient DOS in Data modem while handling TLB control messages from the Network.

Transient DOS in Modem after RRC Setup message is received.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Memory corruption in Audio while processing the VOC packet data from ADSP.

Memory Corruption in Audio while invoking callback function in driver from ADSP.

Memory corruption while invoking callback function of AFE from ADSP.

Memory corruption while parsing the ADSP response command.

Memory corruption in DSP Service during a remote call from HLOS to DSP.

Transient DOS in WLAN Firmware while parsing rsn ies.

Transient DOS in WLAN Firmware while parsing a NAN management frame.

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Memoru corruption in Audio when ADSP sends input during record use case.

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Information disclosure in Kernel due to indirect branch misprediction.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

information disclosure due to cryptographic issue in Core during RPMB read request.

Assertion occurs while processing Reconfiguration message due to improper validation

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Memory corruption in Graphics while importing a file.

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

Memory corruption due to double free in core while initializing the encryption key.

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Sna

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdrag

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdra

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Co

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Aut

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Conn

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe res

Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Conne

Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Conne

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Comput

Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Au

Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Comp

Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Comp

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Sn

Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdra

Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compu

Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Sn

Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdrago

Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdrag

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Sna

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Sna

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi

Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Com

Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapd

Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Con

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Com

Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, S

Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon A

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snap

Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Au

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapd

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdrago

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Sna

Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snap

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Com

Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdra

Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unlo

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdrag

Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connec

Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snap

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Sna

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injectio

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin