39 matches found
CVE-2022-40514
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2022-40532
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2023-33028
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2022-40530
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
CVE-2022-33271
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
CVE-2022-33279
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
CVE-2022-34146
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2023-22386
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
CVE-2022-33306
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVE-2022-34145
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
CVE-2022-40502
Transient DOS due to improper input validation in WLAN Host.
CVE-2022-33277
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2022-33283
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
CVE-2023-21658
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
CVE-2023-21661
Transient DOS while parsing WLAN beacon or probe-response frame.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2022-40527
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
CVE-2023-33047
Transient DOS in WLAN Firmware while parsing no-inherit IES.
CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
CVE-2022-33252
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
CVE-2022-33276
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
CVE-2023-28573
Memory corruption in WLAN HAL while parsing WMI command parameters.
CVE-2023-33088
Memory corruption when processing cmd parameters while parsing vdev.
CVE-2023-28548
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2023-33089
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.