149 matches found
CVE-2022-34146
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-28566
Information disclosure in WLAN HAL while handling the WMI state info command.
CVE-2022-33306
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVE-2023-43533
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2021-35071
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...
CVE-2022-34145
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
CVE-2023-28544
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2022-25748
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...
CVE-2022-40502
Transient DOS due to improper input validation in WLAN Host.
CVE-2023-43536
Transient DOS while parse fils IE with length equal to 1.
CVE-2022-33277
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
CVE-2023-28571
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.
CVE-2023-33056
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
CVE-2024-21458
Information disclosure while handling SA query action frame.
CVE-2022-33283
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
CVE-2023-21658
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2024-38405
Transient DOS while processing the CU information from RNR IE.
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
CVE-2023-28539
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2023-43549
Memory corruption while processing TPC target power table in FTM TPC.
CVE-2024-21466
Information disclosure while parsing sub-IE length during new IE generation.
CVE-2022-33235
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2024-23363
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2022-33239
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...
CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
CVE-2023-43523
Transient DOS while processing 11AZ RTT management action frame received through OTA.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2023-33048
Transient DOS in WLAN Firmware while parsing t2lm buffers.
CVE-2023-33062
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2024-21456
Information Disclosure while parsing beacon frame in STA.
CVE-2024-21457
INformation disclosure while handling Multi-link IE in beacon frame.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
CVE-2022-25749
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...
CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-33061
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
CVE-2023-33097
Transient DOS in WLAN Firmware while processing a FTMR frame.
CVE-2024-33013
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.