Qualcomm ≫ Snapdragon 429 Mobile Firmware

Memory corruption while parsing the memory map info in IOCTL calls.

Information disclosure while processing IO control commands.

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

Memory corruption when two threads try to map and unmap a single node simultaneously.

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

Memory corruption when user provides data for FM HCI command control operations.

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.