WESEEK, Inc. Security Vulnerabilities

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command...

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon...

CVE-2023-28577

In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel...

CVE-2023-28575

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI...

CVE-2023-28562

Memory corruption while handling payloads from remote...

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI...

CVE-2023-28561

Memory corruption in QESL while processing payload from external ESL device to...

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status...

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec...

CVE-2023-28543

A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote...

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR...

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP...

CVE-2023-21671

Memory Corruption in Core during syscall for Sectools Fuse comparison...

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory...

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT...

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in...

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use...

CVE-2023-21653

Transient DOS in Modem while processing RRC reconfiguration...

CVE-2023-21650

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data...

CVE-2023-21640

Memory corruption in Linux when the file upload API is called with parameters having large...

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx...

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim...

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1...

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS...

CVE-2023-21624

Information disclosure in DSP Services while loading dynamic...

CVE-2022-40539

Memory corruption in Automotive Android OS due to improper validation of array...

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP...

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode...

CVE-2022-33309

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39...

CVE-2022-33301

Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection...

CVE-2022-33280

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...

CVE-2022-33273

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...

CVE-2022-33259

Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...

CVE-2022-33243

Memory corruption due to improper access control in Qualcomm...

CVE-2022-33222

Information disclosure due to buffer over-read while parsing DNS response packets in...

CVE-2022-33221

Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification...

CVE-2022-25738

Information disclosure in modem due to buffer over-red while performing checksum of packet...

CVE-2022-25729

Memory corruption in modem due to improper length check while copying into...

CVE-2022-25732

Information disclosure in modem due to buffer over read in dns client due to missing length...

CVE-2022-25678

Memory correction in modem due to buffer overwrite during coap...

CVE-2022-22075

Information Disclosure in Graphics during GPU context...

CVE-2023-43535

Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event...

CVE-2023-43532

Memory corruption while reading ACPI config through the user mode...

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or...

CVE-2023-43517

Memory corruption in Automotive Multimedia due to improper access control in...

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next...