Ipq8074 Firmware Security Vulnerabilities

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.