sm8450 firmware · threatengine.sh

Home/Product/qualcomm sm8450 firmware

Product

qualcomm sm8450 firmware

81 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Memory corruption in Core while processing RX intent request.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption in DSP Services during a remote call from HLOS to DSP.

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Transient DOS in Data modem while handling TLB control messages from the Network.

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

Transient DOS in Modem after RRC Setup message is received.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Transient DOS in WLAN Firmware while parsing no-inherit IES.

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

Memory corruption in DSP Service during a remote call from HLOS to DSP.

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

Transient DOS in WLAN Firmware while parsing rsn ies.

Transient DOS in WLAN Firmware while parsing a NAN management frame.

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Transient DOS in Modem while processing invalid System Information Block 1.

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Transient DOS while parsing WLAN beacon or probe-response frame.

Transient DOS in WLAN Firmware while parsing FT Information Elements.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Information disclosure in Kernel due to indirect branch misprediction.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource M

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client a

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

information disclosure due to cryptographic issue in Core during RPMB read request.

Assertion occurs while processing Reconfiguration message due to improper validation

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not suppor

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a s

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

Memory corruption due to double free in core while initializing the encryption key.

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapd

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapd

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdrago

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, S

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto,

Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute,

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Sna

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon C

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdrag

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdra

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Co

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Aut

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Conn

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe res

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin