Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2018-02-23 |
| Product | mdm9650 Firmware | Last view | 2025-05-06 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* | 770 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2025-05-06 | CVE-2024-45562 | Memory corruption during concurrent access to server info object due to unprotected critical field. |
| 7.8 | 2024-12-02 | CVE-2024-33056 | Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
| 7.8 | 2024-11-26 | CVE-2018-5852 | An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' |
| 7.8 | 2024-11-26 | CVE-2018-11952 | An image with a version lower than the fuse version may potentially be booted lead to improper authentication. |
| 5.5 | 2024-11-26 | CVE-2018-11922 | Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. |
| 7.8 | 2024-11-22 | CVE-2017-9711 | Certain unprivileged processes are able to perform IOCTL calls. |
| 7.8 | 2024-11-04 | CVE-2024-38423 | Memory corruption while processing GPU page table switch. |
| 7.8 | 2024-11-04 | CVE-2024-38422 | Memory corruption while processing voice packet with arbitrary data received from ADSP. |
| 7.8 | 2024-09-02 | CVE-2024-33060 | Memory corruption when two threads try to map and unmap a single node simultaneously. |
| 7.5 | 2024-09-02 | CVE-2024-33051 | Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. |
| 7.5 | 2024-08-05 | CVE-2024-33014 | Transient DOS while parsing ESP IE from beacon/probe response frame. |
| 7.8 | 2024-07-01 | CVE-2024-23373 | Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. |
| 7.8 | 2024-07-01 | CVE-2024-23368 | Memory corruption when allocating and accessing an entry in an SMEM partition. |
| 7.8 | 2024-07-01 | CVE-2024-21461 | Memory corruption while performing finish HMAC operation when context is freed by keymaster. |
| 7.8 | 2024-05-06 | CVE-2024-21471 | Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. |
| 7.8 | 2024-04-01 | CVE-2024-21468 | Memory corruption when there is failed unmap operation in GPU. |
| 7.8 | 2024-04-01 | CVE-2023-33023 | Memory corruption while processing finish_sign command to pass a rsp buffer. |
| 7.8 | 2024-04-01 | CVE-2023-28547 | Memory corruption in SPS Application while requesting for public key in sorter TA. |
| 7.8 | 2024-03-04 | CVE-2023-33066 | Memory corruption in Audio while processing RT proxy port register driver. |
| 7.8 | 2024-02-06 | CVE-2023-33069 | Memory corruption in Audio while processing the calibration data returned from ACDB loader. |
| 7.8 | 2024-02-06 | CVE-2023-33068 | Memory corruption in Audio while processing IIR config data from AFE calibration block. |
| 7.8 | 2024-02-06 | CVE-2023-33067 | Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| 7.1 | 2024-02-06 | CVE-2023-33065 | Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| 5.5 | 2024-02-06 | CVE-2023-33064 | Transient DOS in Audio when invoking callback function of ASM driver. |
| 7.5 | 2024-01-02 | CVE-2023-43511 | Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 15% (117) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 13% (101) | CWE-125 | Out-of-bounds Read |
| 10% (80) | CWE-787 | Out-of-bounds Write |
| 8% (65) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 7% (61) | CWE-416 | Use After Free |
| 7% (60) | CWE-190 | Integer Overflow or Wraparound |
| 5% (45) | CWE-129 | Improper Validation of Array Index |
| 5% (43) | CWE-20 | Improper Input Validation |
| 3% (28) | CWE-200 | Information Exposure |
| 3% (27) | CWE-476 | NULL Pointer Dereference |
| 2% (16) | CWE-415 | Double Free |
| 1% (11) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 1% (10) | CWE-284 | Access Control (Authorization) Issues |
| 1% (9) | CWE-287 | Improper Authentication |
| 0% (7) | CWE-617 | Reachable Assertion |
| 0% (7) | CWE-362 | Race Condition |
| 0% (5) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (5) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 0% (5) | CWE-19 | Data Handling |
| 0% (4) | CWE-338 | Use of Cryptographically Weak PRNG |
| 0% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
| 0% (4) | CWE-203 | Information Exposure Through Discrepancy |
| 0% (3) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (3) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 0% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
