Qualcomm 205_mobile_platform_firmware
15 CVEs affecting Qualcomm 205_mobile_platform_firmware. Latest disclosed: 2025-09-24. Critical: 0, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-33056 | High | 8.4 | 2024-12-02 | Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
CVE-2024-33027 | High | 8.4 | 2024-08-05 | Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table. |
CVE-2024-23373 | High | 8.4 | 2024-07-01 | Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. |
CVE-2025-21487 | High | 8.2 | 2025-09-24 | Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. |
CVE-2024-53026 | High | 8.2 | 2025-06-03 | Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. |
CVE-2024-53021 | High | 8.2 | 2025-06-03 | Information disclosure may occur while processing goodbye RTCP packet from network. |
CVE-2024-53020 | High | 8.2 | 2025-06-03 | Information disclosure may occur while decoding the RTP packet with invalid header extension from network. |
CVE-2024-23359 | High | 8.2 | 2024-09-02 | Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. |
CVE-2024-43052 | High | 7.8 | 2024-12-02 | Memory corruption while processing API calls to NPU with invalid input. |
CVE-2024-38423 | High | 7.8 | 2024-11-04 | Memory corruption while processing GPU page table switch. |
CVE-2024-38422 | High | 7.8 | 2024-11-04 | Memory corruption while processing voice packet with arbitrary data received from ADSP. |
CVE-2024-23385 | High | 7.5 | 2024-11-04 | Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. |
CVE-2024-23358 | High | 7.5 | 2024-09-02 | Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. |
CVE-2024-23353 | High | 7.5 | 2024-08-05 | Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. |
CVE-2024-33043 | Medium | 5.5 | 2024-09-02 | Transient DOS while handling PS event when Program Service name length offset value is set to 255. |