73 matches found
CVE-2022-40503
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
CVE-2023-21656
Memory corruption in WLAN HOST while receiving an WMI event from firmware.
CVE-2023-28553
Information Disclosure in WLAN Host when processing WMI event command.
CVE-2022-40514
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2022-40532
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2023-24851
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
CVE-2023-33028
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command.
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2023-28569
Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2022-40530
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
CVE-2023-28541
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2023-28572
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.
CVE-2023-33019
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
CVE-2023-33045
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
CVE-2022-33271
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
CVE-2023-28542
Memory Corruption in WLAN HOST while fetching TX status information.
CVE-2023-28570
Memory corruption while processing audio effects.
CVE-2023-28584
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).
CVE-2022-34146
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2023-21649
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
CVE-2023-22386
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
CVE-2022-33306
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVE-2022-34145
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
CVE-2023-24854
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
CVE-2023-28566
Information disclosure in WLAN HAL while handling the WMI state info command.
CVE-2023-28544
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
CVE-2022-40502
Transient DOS due to improper input validation in WLAN Host.
CVE-2022-33277
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2023-33056
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
CVE-2022-33283
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
CVE-2023-21658
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2023-33048
Transient DOS in WLAN Firmware while parsing t2lm buffers.
CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-33061
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.