Qca6391 Firmware Security Vulnerabilities and Issues — Qca6391 Firmware CVE List

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

7.8CVSS8AI score0.00022EPSS

cve•added 2025/02/03 5:15 p.m.•99 views

CVE-2024-49843

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

7.8CVSS7.8AI score0.00027EPSS

cve•added 2025/05/06 9:15 a.m.•98 views

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

7.5CVSS7.6AI score0.00092EPSS

cve•added 2025/03/03 11:15 a.m.•95 views

CVE-2024-53027

Transient DOS may occur while processing the country IE.

7.5CVSS7.2AI score0.0008EPSS

cve•added 2025/02/03 5:15 p.m.•93 views

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

7.8CVSS7.9AI score0.00027EPSS

cve•added 2025/02/03 5:15 p.m.•91 views

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

8.2CVSS8.1AI score0.00067EPSS

cve•added 2025/02/03 5:15 p.m.•91 views

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

9.8CVSS8.4AI score0.00091EPSS

cve•added 2025/05/06 9:15 a.m.•91 views

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

7.8CVSS7.9AI score0.00022EPSS

cve•added 2025/03/03 11:15 a.m.•90 views

CVE-2024-53024

Memory corruption in display driver while detaching a device.

7.8CVSS7.4AI score0.00024EPSS

cve•added 2025/03/03 11:15 a.m.•89 views

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

7.8CVSS7.4AI score0.00024EPSS

cve•added 2025/01/06 11:15 a.m.•88 views

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

7.8CVSS7.9AI score0.00028EPSS

cve•added 2025/02/03 5:15 p.m.•67 views

CVE-2024-38416

Information disclosure during audio playback.

6.1CVSS6.2AI score0.00021EPSS

cve•added 2025/06/03 6:15 a.m.•62 views

CVE-2024-53016

Memory corruption while processing I2C settings in Camera driver.

6.6CVSS6.7AI score0.00015EPSS

cve•added 2025/05/06 9:15 a.m.•61 views

CVE-2024-49835

Memory corruption while reading secure file.

7.8CVSS7.8AI score0.00022EPSS

cve•added 2025/05/06 9:15 a.m.•57 views

CVE-2025-21475

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

7.8CVSS7.9AI score0.00022EPSS

cve•added 2025/05/06 9:15 a.m.•54 views

CVE-2025-21470

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.

7.8CVSS7.9AI score0.0002EPSS

cve•added 2025/05/06 9:15 a.m.•53 views

CVE-2024-49845

Memory corruption during the FRS UDS generation process.

7.8CVSS7.9AI score0.00033EPSS

cve•added 2025/01/06 11:15 a.m.•52 views

CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

7.8CVSS7.8AI score0.00028EPSS

cve•added 2025/05/06 9:15 a.m.•51 views

CVE-2024-45562

Memory corruption during concurrent access to server info object due to unprotected critical field.

7.8CVSS6.7AI score0.00022EPSS

cve•added 2025/05/06 9:15 a.m.•51 views

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

7.8CVSS8AI score0.00033EPSS

cve•added 2025/05/06 9:15 a.m.•50 views

CVE-2024-45564

Memory corruption during concurrent access to server info object due to incorrect reference count update.

7.8CVSS7.8AI score0.00022EPSS

cve•added 2025/05/06 9:15 a.m.•48 views

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

7.8CVSS7.8AI score0.0002EPSS

cve•added 2025/03/03 11:15 a.m.•48 views

CVE-2024-53011

Information disclosure may occur due to improper permission and access controls to Video Analytics engine.

7.9CVSS7AI score0.00017EPSS

cve•added 2025/03/03 11:15 a.m.•47 views

CVE-2024-38426

While processing the authentication message in UE, improper authentication may lead to information disclosure.

5.4CVSS6.9AI score0.00049EPSS

cve•added 2025/05/06 9:15 a.m.•47 views

CVE-2024-45570

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

7.8CVSS6.7AI score0.00022EPSS

cve•added 2025/05/06 9:15 a.m.•47 views

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

7.8CVSS7.9AI score0.00022EPSS

cve•added 2025/01/06 11:15 a.m.•46 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00023EPSS

cve•added 2025/02/03 5:15 p.m.•46 views

CVE-2024-45561

Memory corruption while handling IOCTL call from user-space to set latency level.

7.8CVSS7.8AI score0.00027EPSS

cve•added 2025/05/06 9:15 a.m.•46 views

CVE-2024-45566

Memory corruption during concurrent buffer access due to modification of the reference count.

7.8CVSS7.9AI score0.00022EPSS

cve•added 2025/03/03 11:15 a.m.•46 views

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests.

7.8CVSS7.3AI score0.00024EPSS

cve•added 2025/06/03 6:15 a.m.•45 views

CVE-2024-53013

Memory corruption may occur while processing voice call registration with user.

6.6CVSS6.8AI score0.00019EPSS

cve•added 2025/02/03 5:15 p.m.•44 views

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

7.8CVSS7.8AI score0.00016EPSS

cve•added 2025/02/03 5:15 p.m.•44 views

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

7.8CVSS7.9AI score0.00027EPSS

cve•added 2025/02/03 5:15 p.m.•43 views

CVE-2024-38418

Memory corruption while parsing the memory map info in IOCTL calls.

7.8CVSS7.9AI score0.00016EPSS

cve•added 2025/02/03 5:15 p.m.•43 views

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

8.8CVSS8.9AI score0.00041EPSS

cve•added 2025/03/03 11:15 a.m.•43 views

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

5.5CVSS7.1AI score0.00014EPSS

cve•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

7.8CVSS7.9AI score0.00028EPSS

cve•added 2025/03/03 11:15 a.m.•42 views

CVE-2024-43057

Memory corruption while processing command in Glink linux.

7.8CVSS7.5AI score0.00024EPSS

cve•added 2025/04/07 11:15 a.m.•42 views

CVE-2025-21421

Memory corruption while processing escape code in API.

7.8CVSS7.4AI score0.00014EPSS

cve•added 2025/04/07 11:15 a.m.•41 views

CVE-2025-21441

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

7.8CVSS7.2AI score0.00014EPSS

cve•added 2025/04/07 11:15 a.m.•40 views

CVE-2025-21423

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.

7.8CVSS7.2AI score0.00014EPSS

cve•added 2025/04/07 11:15 a.m.•40 views

CVE-2025-21440

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

7.8CVSS7.2AI score0.00014EPSS

cve•added 2025/03/03 11:15 a.m.•39 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

6.5CVSS7.1AI score0.0002EPSS

cve•added 2025/04/07 11:15 a.m.•34 views

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

7.8CVSS7.1AI score0.00011EPSS

cve•added 2025/07/08 1:15 p.m.•20 views

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

7.5CVSS6.6AI score0.00053EPSS

Total number of security vulnerabilities74