Gengjia Chen

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** The issue is related to a use-after-free flaw in the NFS filesystem in the Linux Kernel, specifically in the `nfsd4 ssc setup dul` function in `fs/nfsd/nfs4proc.c`. This flaw could allow a local attacker to crash the system or lead to a kernel information leak problem. The vulnerability is associated with the repeated use of previously freed memory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free vulnerability in the Linux kernel's NFS file system driver. This flaw allows a remote attacker to cause a denial of service. The vulnerability is specifically found in the ` nfs42 ssc open()` function in `fs/nfs/nfs4file.c`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.19.9 **Description** The issue is related to the `stex queuecommand lck()` function in the Linux kernel, which is associated with the disclosure of information in an error data area. This can allow an attacker to gain unauthorized access to protected information. The problem arises because `stex queuecommand lck` lacks a `memset` for the `PASSTHRU CMD` case, enabling local users to obtain sensitive information from kernel memory. **Recommendations** For Linux kernel versions through 5.19.9, consider updating to a version that includes a fix for this issue, as the current version allows local users to obtain sensitive information due to a missing `memset` in the `stex queuecommand lck` function for the `PASSTHRU CMD` case. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm Snapdragon (affected versions not specified) **Description** The issue is related to a possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm Snapdragon (affected versions not specified) **Description** The issue arises from the processing of DCB/AVB algorithm with an invalid queue index from an IOCTL request, potentially leading to arbitrary address modification. This affects various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon (affected versions not specified) Description: The issue is related to a possible buffer over read due to improper validation of a data pointer while parsing FILS indication IE. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wired Infrastructure and Networking. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Snapdragon Auto (affected versions not specified) Snapdragon Mobile (affected versions not specified) **Description** The issue is related to a potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs, which can lead to denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 5.10.x through 5.10.154 **Description** The issue is related to a use-after-free in the `io sqpoll wait sq` function in `fs/io uring.c`, which allows an attacker to crash the kernel, resulting in denial of service. The `finish wait` function can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. **Recommendations** For Linux kernel versions 5.10.x through 5.10.154, update to a version after 5.10.155 to resolve the issue. As a temporary workaround, consider restricting the use of the `io sqpoll wait sq` function in `fs/io uring.c` to minimize the risk of exploitation. Avoid forking and quickly terminating processes to reduce the likelihood of an attack.

**Name of the Vulnerable Software and Affected Versions** Qualcomm Snapdragon versions in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429W, SDM439, SDM670, SDM710, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130 **Description** The issue arises from the lack of validation of payload size before reading memory, potentially leading to accessing invalid pointers or garbage data. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, and Snapdragon Wired Infrastructure and Networking. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an elevation of privilege vulnerability in the NVIDIA firmware processing code, affecting the Android kernel. **Recommendations** For Android kernel, apply the fix referenced by Android ID: A-34112726 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an information disclosure vulnerability in the Qualcomm SPMI driver. It affects the Android kernel. **Recommendations** For Android kernel, apply the fix referenced by Android ID A-33644474 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an information disclosure vulnerability in the Qualcomm video driver. It affects Android products. **Recommendations** For Android kernel, update to a version that includes the fix for the information disclosure vulnerability in the Qualcomm video driver.

**Name of the Vulnerable Software and Affected Versions** Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified) **Description** The issue concerns corruption of kernel memory due to a write to a PCIe register using a debugfs node. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified) **Description** The issue arises from concurrent calls into `ioctl RMNET IOCTL ADD MUX CHANNEL` in the ipa wan driver, which may lead to memory corruption due to missing locks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified) **Description** A race condition exists in a video driver of the affected products, potentially leading to a use-after-free condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified) **Description** A race condition exists in a driver of the Linux kernel used in Qualcomm products with Android releases from CAF, potentially leading to a use-after-free condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm products (affected versions not specified) **Description** A buffer overflow issue can occur when processing a firmware image file. This issue affects Qualcomm products running Android for MSM, Firefox OS for MSM, or QRD Android. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the MediaTek sound driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This vulnerability is rated as Moderate because it first requires compromising a privileged process and due to vulnerability-specific details that limit the impact of the issue. The vulnerability is associated with inadequate access control in the MediaTek sound driver, potentially allowing an attacker to elevate their privileges and execute arbitrary code in the kernel context using a local malicious application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.18 **Description** The issue is related to an elevation of privilege vulnerability in the Qualcomm video driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This is rated as High because it first requires compromising a privileged process. The vulnerability is also associated with insufficient access control in the Qualcomm video driver, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Android version Kernel-3.18, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the MediaTek camera driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This is rated as High because it first requires compromising a privileged process. The vulnerability is associated with insufficient access control in the MediaTek camera driver, potentially allowing an attacker to execute arbitrary code in the kernel context using a special application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.