Qualcomm ≫ Msm8909w Firmware

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.

Memory corruption while processing API calls to NPU with invalid input.

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'

An image with a version lower than the fuse version may potentially be booted lead to improper authentication.

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Certain unprivileged processes are able to perform IOCTL calls.

Memory corruption while processing GPU page table switch.

Memory corruption while processing voice packet with arbitrary data received from ADSP.

Memory corruption when user provides data for FM HCI command control operations.

Memory corruption when Alternative Frequency offset value is set to 255.