Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2023-02-12 |
| Product | ssg2125p Firmware | Last view | 2025-05-06 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:* | 215 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2025-05-06 | CVE-2025-21468 | Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| 7.5 | 2025-05-06 | CVE-2025-21459 | Transient DOS while parsing per STA profile in ML IE. |
| 7.8 | 2025-05-06 | CVE-2024-49842 | Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| 7.8 | 2025-05-06 | CVE-2024-49841 | Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| 7.8 | 2025-03-03 | CVE-2024-53024 | Memory corruption in display driver while detaching a device. |
| 7.8 | 2025-03-03 | CVE-2024-53014 | Memory corruption may occur while validating ports and channels in Audio driver. |
| 0 | 2025-03-03 | CVE-2024-53011 | Information disclosure may occur due to improper permission and access controls to Video Analytics engine. |
| 7.8 | 2025-03-03 | CVE-2024-45580 | Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. |
| 6.5 | 2025-03-03 | CVE-2024-43056 | Transient DOS during hypervisor virtual I/O operation in a virtual machine. |
| 5.5 | 2025-03-03 | CVE-2024-43051 | Information disclosure while deriving keys for a session for any Widevine use case. |
| 9.8 | 2025-02-03 | CVE-2024-49839 | Memory corruption during management frame processing due to mismatch in T2LM info element. |
| 7.5 | 2025-02-03 | CVE-2024-49838 | Information disclosure while parsing the OCI IE with invalid length. |
| 7.8 | 2025-02-03 | CVE-2024-49834 | Memory corruption while power-up or power-down sequence of the camera sensor. |
| 7.8 | 2025-02-03 | CVE-2024-49833 | Memory corruption can occur in the camera when an invalid CID is used. |
| 7.8 | 2025-02-03 | CVE-2024-38420 | Memory corruption while configuring a Hypervisor based input virtual device. |
| 7.8 | 2025-01-06 | CVE-2024-45553 | Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| 7.8 | 2025-01-06 | CVE-2024-33055 | Memory corruption while invoking IOCTL calls to unmap the DMA buffers. |
| 7.8 | 2025-01-06 | CVE-2024-33041 | Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, |
| 7.5 | 2024-12-02 | CVE-2024-33063 | Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. |
| 7.8 | 2024-12-02 | CVE-2024-33056 | Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
| 7.8 | 2024-12-02 | CVE-2024-33044 | Memory corruption while Configuring the SMR/S2CR register in Bypass mode. |
| 7.8 | 2024-11-04 | CVE-2024-38415 | Memory corruption while handling session errors from firmware. |
| 9.1 | 2024-11-04 | CVE-2024-38408 | Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. |
| 6.5 | 2024-11-04 | CVE-2024-38405 | Transient DOS while processing the CU information from RNR IE. |
| 6.5 | 2024-11-04 | CVE-2024-38403 | Transient DOS while parsing BTM ML IE when per STA profile is not included. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 29% (59) | CWE-125 | Out-of-bounds Read |
| 18% (38) | CWE-787 | Out-of-bounds Write |
| 9% (20) | CWE-416 | Use After Free |
| 8% (17) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 5% (12) | CWE-476 | NULL Pointer Dereference |
| 5% (11) | CWE-190 | Integer Overflow or Wraparound |
| 3% (8) | CWE-129 | Improper Validation of Array Index |
| 3% (7) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 1% (4) | CWE-415 | Double Free |
| 1% (4) | CWE-20 | Improper Input Validation |
| 1% (3) | CWE-617 | Reachable Assertion |
| 1% (3) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 0% (2) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (2) | CWE-126 | Buffer Over-read |
| 0% (1) | CWE-798 | Use of Hard-coded Credentials |
| 0% (1) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 0% (1) | CWE-390 | Detection of Error Condition Without Action |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-311 | Missing Encryption of Sensitive Data |
| 0% (1) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-285 | Improper Access Control (Authorization) |
| 0% (1) | CWE-284 | Access Control (Authorization) Issues |
| 0% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
