Qca6584au Firmware Security Vulnerabilities and Issues — Qca6584au Firmware CVE List

Lucene search

QualcommQca6584au Firmware

38 matches found

CVE•added 2021/05/07 9:15 a.m.•1011 views

CVE-2021-1906

Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS6.9AI score0.00136EPSS

CVE•added 2023/11/07 6:15 a.m.•87 views

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2023/03/10 9:15 p.m.•82 views

CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

6.2CVSS5.5AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•79 views

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

6.1CVSS5.6AI score0.00054EPSS

CVE•added 2023/11/07 6:15 a.m.•76 views

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

6.1CVSS5.7AI score0.00054EPSS

CVE•added 2021/06/09 5:15 a.m.•73 views

CVE-2020-11160

Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2023/11/07 6:15 a.m.•69 views

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

6.1CVSS5.7AI score0.00056EPSS

CVE•added 2021/02/22 7:15 a.m.•68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS

CVE•added 2023/04/13 7:15 a.m.•66 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS

CVE•added 2025/02/03 5:15 p.m.•66 views

CVE-2024-38416

Information disclosure during audio playback.

6.1CVSS6.2AI score0.00019EPSS

CVE•added 2023/11/07 6:15 a.m.•61 views

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2021/09/09 8:15 a.m.•60 views

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.8AI score0.01103EPSS

CVE•added 2021/09/08 12:15 p.m.•59 views

CVE-2021-1904

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

6.2CVSS5.5AI score0.00094EPSS

CVE•added 2023/10/03 6:15 a.m.•56 views

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

6.1CVSS5.7AI score0.00027EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2021/05/07 9:15 a.m.•47 views

CVE-2020-11293

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon V...

6CVSS6.1AI score0.00047EPSS

CVE•added 2021/10/20 7:15 a.m.•47 views

CVE-2021-1969

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

6.2CVSS5.5AI score0.00035EPSS

CVE•added 2021/11/12 7:15 a.m.•46 views

CVE-2021-30266

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infr...

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2024/10/07 1:15 p.m.•45 views

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

6.7CVSS6.7AI score0.00028EPSS

CVE•added 2021/09/09 8:15 a.m.•44 views

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2024/05/06 3:15 p.m.•43 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2021/09/09 8:15 a.m.•42 views

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruct...

6.7CVSS6.6AI score0.00059EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38417

Information disclosure while processing IO control commands.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/10/20 7:15 a.m.•41 views

CVE-2021-1968

6.2CVSS5.5AI score0.00018EPSS

CVE•added 2021/09/09 8:15 a.m.•40 views

CVE-2021-1956

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/11/12 7:15 a.m.•40 views

CVE-2021-30265

Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

6.7CVSS6.9AI score0.00055EPSS

CVE•added 2024/10/07 1:15 p.m.•40 views

CVE-2024-23370

Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.

6.7CVSS6.7AI score0.00028EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23378

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-33029

Memory corruption while handling the PDR in driver for getting the remote heap maps.

6.7CVSS6.8AI score0.00025EPSS

CVE•added 2024/11/04 10:15 a.m.•36 views

CVE-2024-33030

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

6.7CVSS6.8AI score0.00025EPSS

CVE•added 2025/03/03 11:15 a.m.•35 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

6.5CVSS7.1AI score0.00021EPSS

CVE•added 2024/08/05 3:15 p.m.•22 views

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

6.2CVSS6.4AI score0.00033EPSS

CVE•added 2024/08/05 3:15 p.m.•18 views

CVE-2024-23350

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.

6.5CVSS6.5AI score0.00021EPSS

CVE•added 2025/07/08 1:15 p.m.•6 views

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

6.2CVSS6.6AI score0.00013EPSS