Qca6574a Firmware Security Vulnerabilities and Issues — Page 4 of Qca6574a Firmware CVE List

Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS6.9AI score0.00085EPSS

CVE•added 2022/06/14 10:15 a.m.•90 views

CVE-2021-35119

Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

5.5CVSS5.6AI score0.00039EPSS

CVE•added 2022/09/02 12:15 p.m.•90 views

CVE-2022-22059

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.8AI score0.00106EPSS

CVE•added 2022/09/16 6:15 a.m.•90 views

CVE-2022-25656

Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS8.1AI score0.00063EPSS

CVE•added 2022/11/15 10:15 a.m.•90 views

CVE-2022-25741

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.00204EPSS

CVE•added 2023/04/13 7:15 a.m.•90 views

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS8.1AI score0.00044EPSS

CVE•added 2024/02/06 6:15 a.m.•90 views

CVE-2023-33065

Information disclosure in Audio while accessing AVCS services from ADSP payload.

7.1CVSS6.8AI score0.00027EPSS

CVE•added 2024/09/02 12:15 p.m.•90 views

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

7.8CVSS7.8AI score0.00039EPSS

CVE•added 2024/09/02 12:15 p.m.•90 views

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

8.4CVSS8.2AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•90 views

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

7.8CVSS7.9AI score0.00027EPSS

CVE•added 2021/03/17 6:15 a.m.•89 views

CVE-2020-11189

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2022/01/13 12:15 p.m.•89 views

CVE-2021-30353

Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.6AI score0.00361EPSS

CVE•added 2023/11/07 6:15 a.m.•89 views

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CVSS9.6AI score0.00164EPSS

CVE•added 2022/01/03 8:15 a.m.•88 views

CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

8.4CVSS7.7AI score0.00033EPSS

CVE•added 2025/02/03 5:15 p.m.•88 views

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

8.2CVSS8.1AI score0.0006EPSS

CVE•added 2025/02/03 5:15 p.m.•88 views

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

9.8CVSS8.4AI score0.00081EPSS

CVE•added 2025/03/03 11:15 a.m.•88 views

CVE-2024-53024

Memory corruption in display driver while detaching a device.

7.8CVSS7.4AI score0.00024EPSS

CVE•added 2025/05/06 9:15 a.m.•88 views

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

7.8CVSS7.9AI score0.00017EPSS

CVE•added 2021/06/09 5:15 a.m.•87 views

CVE-2020-11134

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electroni...

10CVSS9.3AI score0.0033EPSS

CVE•added 2021/05/07 9:15 a.m.•87 views

CVE-2021-1927

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired In...

8.4CVSS7.7AI score0.00037EPSS

CVE•added 2024/09/02 12:15 p.m.•87 views

CVE-2024-33048

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

7.5CVSS7.6AI score0.00264EPSS

CVE•added 2024/09/02 12:15 p.m.•87 views

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

7.8CVSS8AI score0.00039EPSS

CVE•added 2021/05/07 9:15 a.m.•86 views

CVE-2021-1891

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon W...

8.4CVSS7.7AI score0.00044EPSS

CVE•added 2023/02/12 4:15 a.m.•86 views

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS9.8AI score0.00144EPSS

CVE•added 2025/03/03 11:15 a.m.•86 views

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

7.8CVSS7.4AI score0.00024EPSS

CVE•added 2021/03/17 6:15 a.m.•85 views

CVE-2020-11299

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.5AI score0.00356EPSS

CVE•added 2022/06/14 10:15 a.m.•85 views

CVE-2021-35102

Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

7.8CVSS7.8AI score0.00125EPSS

CVE•added 2022/06/14 10:15 a.m.•85 views

CVE-2022-22083

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.7AI score0.00371EPSS

CVE•added 2023/04/13 7:15 a.m.•85 views

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS8.2AI score0.00051EPSS

CVE•added 2023/06/06 8:15 a.m.•85 views

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4CVSS8.2AI score0.00053EPSS

CVE•added 2023/07/04 5:15 a.m.•85 views

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

9.8CVSS8.2AI score0.00074EPSS

CVE•added 2024/09/02 12:15 p.m.•85 views

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

7.5CVSS7.6AI score0.00264EPSS

CVE•added 2025/01/06 11:15 a.m.•85 views

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

7.8CVSS7.9AI score0.00027EPSS

CVE•added 2021/03/17 6:15 a.m.•84 views

CVE-2020-11171

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2021/03/17 6:15 a.m.•84 views

CVE-2020-11222

Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile

9.1CVSS9AI score0.00286EPSS

CVE•added 2021/06/09 7:15 a.m.•84 views

CVE-2020-11267

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS7.8AI score0.00043EPSS

CVE•added 2021/10/20 7:15 a.m.•84 views

CVE-2021-30306

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.1AI score0.00043EPSS

CVE•added 2022/01/13 12:15 p.m.•84 views

CVE-2021-30319

Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

7.8CVSS7.9AI score0.0012EPSS

CVE•added 2023/10/03 6:15 a.m.•84 views

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

9.8CVSS9AI score0.00103EPSS

CVE•added 2024/05/06 3:15 p.m.•84 views

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

8.4CVSS7.2AI score0.00082EPSS

CVE•added 2021/02/22 7:15 a.m.•83 views

CVE-2020-11198

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.2CVSS6.8AI score0.00021EPSS

CVE•added 2021/03/17 6:15 a.m.•83 views

CVE-2020-11228

Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.6AI score0.00043EPSS

CVE•added 2021/02/22 7:15 a.m.•83 views

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

7.5CVSS7.7AI score0.0026EPSS

CVE•added 2021/09/17 7:15 a.m.•83 views

CVE-2021-1939

Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS5.6AI score0.00033EPSS

CVE•added 2021/09/09 8:15 a.m.•83 views

CVE-2021-30294

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS5.8AI score0.00101EPSS

Total number of security vulnerabilities771