53 matches found
CVE-2024-33063
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
CVE-2020-11296
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2024-45558
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2020-11235
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2023-33056
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
CVE-2024-33048
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
CVE-2023-33116
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.
CVE-2024-23363
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2023-43523
Transient DOS while processing 11AZ RTT management action frame received through OTA.
CVE-2023-33048
Transient DOS in WLAN Firmware while parsing t2lm buffers.
CVE-2020-11119
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, ...
CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
CVE-2022-25749
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...
CVE-2023-33061
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
CVE-2023-33062
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2023-33097
Transient DOS in WLAN Firmware while processing a FTMR frame.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2024-21458
Information disclosure while handling SA query action frame.
CVE-2023-43539
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
CVE-2022-33237
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...
CVE-2023-33047
Transient DOS in WLAN Firmware while parsing no-inherit IES.
CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2023-43522
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
CVE-2022-33238
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...
CVE-2024-21466
Information disclosure while parsing sub-IE length during new IE generation.
CVE-2024-21457
INformation disclosure while handling Multi-link IE in beacon frame.
CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame.
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2023-33089
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVE-2024-43057
Memory corruption while processing command in Glink linux.
CVE-2024-33025
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2024-21467
Information disclosure while handling beacon probe frame during scan entry generation in client side.
CVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.