Mdm9206 Firmware Security Vulnerabilities

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one...

CVE-2022-40510

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS...

CVE-2022-33295

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its...

CVE-2022-33294

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request...

CVE-2022-33259

Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...

CVE-2022-33258

Information disclosure due to buffer over-read in modem while reading configuration...

CVE-2022-33222

Information disclosure due to buffer over-read while parsing DNS response packets in...

CVE-2022-33223

Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked...

CVE-2022-33228

Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in...

CVE-2022-33211

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2022-25747

Information disclosure in modem due to improper input validation during parsing of upcoming CoAP...

CVE-2022-25739

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM...

CVE-2022-25737

Information disclosure in modem due to missing NULL check while reading packets received from local...

CVE-2022-25740

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the...

CVE-2022-25731

Information disclosure in modem due to buffer over-read while processing packets from DNS...

CVE-2022-25730

Information disclosure in modem due to improper check of IP type while processing DNS server...

CVE-2022-25726

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response...

CVE-2022-25678

Memory correction in modem due to buffer overwrite during coap...

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata...

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID...

CVE-2022-22075

Information Disclosure in Graphics during GPU context...

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP...

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command...

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU...

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in...

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or...

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into...

CVE-2022-25738

Information disclosure in modem due to buffer over-red while performing checksum of packet...

CVE-2022-25732

Information disclosure in modem due to buffer over read in dns client due to missing length...

CVE-2022-25733

Denial of service in modem due to null pointer dereference while processing DNS...

CVE-2022-25734

Denial of service in modem due to missing null check while processing IP packets with...

CVE-2022-33229

Information disclosure due to buffer over-read in Modem while using static array to process IPv4...

CVE-2022-25735

Denial of service in modem due to missing null check while processing TCP or UDP packets from...

CVE-2022-25728

Information disclosure in modem due to buffer over-read while processing response from DNS...

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified...

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management...

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action...

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is...

CVE-2022-33299

Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length...

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25695

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon....

CVE-2022-25742

Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &...

CVE-2022-25743

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25710

Denial of service due to null pointer dereference when GATT is disconnected in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2022-25727

Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &...