snapdragon 8 gen 1 mobile firmware · threatengine.sh

Home/Product/qualcomm snapdragon 8 gen 1 mobile firmware

Product

qualcomm snapdragon 8 gen 1 mobile firmware

92 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

Transient DOS when processing target power rate tables during channel configuration.

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmwar

Memory corruption while processing data packets in diag received from Unix clients.

Memory corruption while processing manipulated payload in video firmware.

Memory corruption while processing video packets received from video firmware.

Transient DOS while processing received beacon frame.

Cryptographic issue occurs due to use of insecure connection method while downloading.

Transient DOS may occur while processing malformed length field in SSID IEs.

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Memory corruption while retrieving the CBOR data from TA.

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

Memory corruption while operating the mailbox in Automotive.

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null

Memory corruption while reading the FW response from the shared queue.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures oc

Memory corruption during the FRS UDS generation process.

Memory corruption while triggering commands in the PlayReady Trusted application.

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Memory corruption while reading secure file.

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.

Memory corruption while prociesing command buffer in OPE module.

Memory corruption Camera kernel when large number of devices are attached through userspace.

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

Memory corruption while encoding JPEG format.

Memory corruption during concurrent buffer access due to modification of the reference count.

Memory corruption during concurrent access to server info object due to incorrect reference count update.

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding se

Memory corruption during concurrent access to server info object due to unprotected critical field.

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

Information disclosure while parsing the OCI IE with invalid length.

Memory corruption while power-up or power-down sequence of the camera sensor.

Memory corruption can occur in the camera when an invalid CID is used.

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

Memory corruption while validating number of devices in Camera kernel .

Memory corruption while configuring a Hypervisor based input virtual device.

Memory corruption while parsing the memory map info in IOCTL calls.

Information disclosure while processing IO control commands.

Information disclosure while processing information on firmware image during core initialization.

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list whil

Memory corruption while processing IPA statistics, when there are no active clients registered.

Memory corruption while maintaining memory maps of HLOS memory.

Memory corruption while processing IOCTL call for getting group info.

Memory corruption when two threads try to map and unmap a single node simultaneously.

Memory corruption when user provides data for FM HCI command control operations.

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

Memory corruption in Hypervisor when platform information mentioned is not aligned.

Information disclosure in Video while parsing mp2 clip with invalid section length.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

Memory corruption when the IOCTL call is interrupted by a signal.

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

Memory corruption while playing audio file having large-sized input buffer.

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

Memory corruption when the payload received from firmware is not as per the expected protocol size.

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

Memory corruption while verifying the serialized header when the key pairs are generated.

Memory corruption in HLOS while checking for the storage type.

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Information disclosure while parsing dts header atom in Video.

Memory corruption when multiple listeners are being registered with the same file descriptor.

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

Memory corruption in Kernel while handling GPU operations.

Memory corruption when there is failed unmap operation in GPU.

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

Memory corruption while processing finish_sign command to pass a rsp buffer.

Memory corruption in SPS Application while requesting for public key in sorter TA.

Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.

Memory corruption while processing TPC target power table in FTM TPC.

Memory corruption while parsing qcp clip with invalid chunk data size.

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

Memory corruption in Audio while processing RT proxy port register driver.

Memory corruption in Core Services while executing the command for removing a single event listener.

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin