Qcs400 Firmware Security Vulnerabilities
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
8.2CVSS
7.5AI Score
0.001EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8CVSS
6.8AI Score
0.001EPSS
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
8.2CVSS
7.4AI Score
0.001EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.
7.5CVSS
7.5AI Score
0.001EPSS
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.
7.5CVSS
7.4AI Score
0.001EPSS
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
8.2CVSS
7.4AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4CVSS
7.9AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
7.8CVSS
7.7AI Score
0.0004EPSS