Core
by Qualcomm
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33072 | Cri | 0.60 | 9.3 | 0.00 | Feb 6, 2024 | Memory corruption in Core while processing control functions. | ||
| CVE-2022-33288 | Cri | 0.60 | 9.3 | 0.00 | Apr 13, 2023 | Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | ||
| CVE-2022-33269 | Cri | 0.60 | 9.3 | 0.00 | Apr 13, 2023 | Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. | ||
| CVE-2022-33231 | Cri | 0.60 | 9.3 | 0.00 | Apr 13, 2023 | Memory corruption due to double free in core while initializing the encryption key. | ||
| CVE-2022-33257 | Cri | 0.60 | 9.3 | 0.00 | Mar 10, 2023 | Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. | ||
| CVE-2023-24852 | Hig | 0.55 | 8.4 | 0.00 | Nov 7, 2023 | Memory Corruption in Core due to secure memory access by user while loading modem image. | ||
| CVE-2023-24844 | Hig | 0.55 | 8.4 | 0.00 | Oct 3, 2023 | Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range. | ||
| CVE-2022-40507 | Hig | 0.55 | 8.4 | 0.01 | Jun 6, 2023 | Memory corruption due to double free in Core while mapping HLOS address to the list. | ||
| CVE-2022-40520 | Hig | 0.55 | 8.4 | 0.01 | Jan 9, 2023 | Memory corruption due to stack-based buffer overflow in Core | ||
| CVE-2022-40517 | Hig | 0.55 | 8.4 | 0.00 | Jan 9, 2023 | Memory corruption in core due to stack-based buffer overflow | ||
| CVE-2022-40516 | Hig | 0.55 | 8.4 | 0.01 | Jan 9, 2023 | Memory corruption in Core due to stack-based buffer overflow. | ||
| CVE-2023-33087 | Hig | 0.51 | 7.8 | 0.00 | Dec 5, 2023 | Memory corruption in Core while processing RX intent request. | ||
| CVE-2023-33060 | Hig | 0.46 | 7.1 | 0.00 | Feb 6, 2024 | Transient DOS in Core when DDR memory check is called while DDR is not initialized. | ||
| CVE-2022-33263 | Med | 0.44 | 6.7 | 0.00 | Jun 6, 2023 | Memory corruption due to use after free in Core when multiple DCI clients register and deregister. | ||
| CVE-2022-33226 | Med | 0.44 | 6.7 | 0.00 | Jun 6, 2023 | Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications. | ||
| CVE-2022-33224 | Med | 0.44 | 6.7 | 0.00 | Jun 6, 2023 | Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries. | ||
| CVE-2022-40519 | Med | 0.44 | 6.8 | 0.00 | Jan 9, 2023 | Information disclosure due to buffer overread in Core | ||
| CVE-2022-40518 | Med | 0.44 | 6.8 | 0.00 | Jan 9, 2023 | Information disclosure due to buffer overread in Core | ||
| CVE-2023-33076 | Med | 0.38 | 5.9 | 0.00 | Feb 6, 2024 | Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | ||
| CVE-2022-33260 | Med | 0.38 | 5.9 | 0.00 | Mar 10, 2023 | Memory corruption due to stack based buffer overflow in core while sending command from USB of large size. |
- risk 0.60cvss 9.3epss 0.00
Memory corruption in Core while processing control functions.
- risk 0.60cvss 9.3epss 0.00
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
- risk 0.60cvss 9.3epss 0.00
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
- risk 0.60cvss 9.3epss 0.00
Memory corruption due to double free in core while initializing the encryption key.
- risk 0.60cvss 9.3epss 0.00
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
- risk 0.55cvss 8.4epss 0.00
Memory Corruption in Core due to secure memory access by user while loading modem image.
- risk 0.55cvss 8.4epss 0.00
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.
- risk 0.55cvss 8.4epss 0.01
Memory corruption due to double free in Core while mapping HLOS address to the list.
- risk 0.55cvss 8.4epss 0.01
Memory corruption due to stack-based buffer overflow in Core
- risk 0.55cvss 8.4epss 0.00
Memory corruption in core due to stack-based buffer overflow
- risk 0.55cvss 8.4epss 0.01
Memory corruption in Core due to stack-based buffer overflow.
- risk 0.51cvss 7.8epss 0.00
Memory corruption in Core while processing RX intent request.
- risk 0.46cvss 7.1epss 0.00
Transient DOS in Core when DDR memory check is called while DDR is not initialized.
- risk 0.44cvss 6.7epss 0.00
Memory corruption due to use after free in Core when multiple DCI clients register and deregister.
- risk 0.44cvss 6.7epss 0.00
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
- risk 0.44cvss 6.7epss 0.00
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.
- risk 0.44cvss 6.8epss 0.00
Information disclosure due to buffer overread in Core
- risk 0.44cvss 6.8epss 0.00
Information disclosure due to buffer overread in Core
- risk 0.38cvss 5.9epss 0.00
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
- risk 0.38cvss 5.9epss 0.00
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.