Wcn7850 Firmware Security Vulnerabilities
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
9.8CVSS
9.5AI Score
0.002EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
8.4CVSS
8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
8.4CVSS
8AI Score
0.0004EPSS
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
9.8CVSS
9.5AI Score
0.002EPSS
Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
6.5CVSS
6.3AI Score
0.001EPSS
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
9.3CVSS
7.5AI Score
0.0004EPSS
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
7.7CVSS
6.7AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
6.5CVSS
6.4AI Score
0.0004EPSS