Jun Yao

**Name of the Vulnerable Software and Affected Versions** Snapdragon Connectivity (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Mobile (affected versions not specified) **Description** The issue is related to a use after free in the synx driver, which occurs during multiple invocations of synx release calls while performing other functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm Snapdragon versions (affected versions not specified) **Description** The issue is related to an out of bound write while parsing RTT/TTY packet due to a lack of check of buffer size before copying into the buffer. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Qualcomm Snapdragon versions (affected versions not specified) **Description** A race condition can occur when using the fastrpc memory mapping API. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables, in multiple chipsets such as APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, QCS605, QM215, SA415M, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, and SXR1130. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.