Qcn9011 Firmware Security Vulnerabilities and Issues — Page 2 of Qcn9011 Firmware CVE List

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00097EPSS

CVE•added 2023/03/10 9:15 p.m.•74 views

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS8.3AI score0.00046EPSS

CVE•added 2025/05/06 9:15 a.m.•74 views

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

7.8CVSS8AI score0.00017EPSS

CVE•added 2022/12/13 4:15 p.m.•73 views

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.2CVSS8AI score0.00078EPSS

CVE•added 2023/09/05 7:15 a.m.•73 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS8.1AI score0.00044EPSS

CVE•added 2024/04/01 3:15 p.m.•73 views

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

7.8CVSS8AI score0.00044EPSS

CVE•added 2024/03/04 11:15 a.m.•73 views

CVE-2023-43547

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

8.4CVSS8.6AI score0.00091EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33279

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.

9.8CVSS10AI score0.00181EPSS

CVE•added 2023/07/04 5:15 a.m.•72 views

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2023/04/13 7:15 a.m.•71 views

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

9.3CVSS9.4AI score0.00051EPSS

CVE•added 2023/03/10 9:15 p.m.•71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/07/04 5:15 a.m.•71 views

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•71 views

CVE-2023-33087

Memory corruption in Core while processing RX intent request.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2024/01/02 6:15 a.m.•71 views

CVE-2023-33113

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

8.4CVSS7.7AI score0.0011EPSS

CVE•added 2025/05/06 9:15 a.m.•71 views

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

7.5CVSS7.6AI score0.00071EPSS

CVE•added 2023/07/04 5:15 a.m.•70 views

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2024/02/06 6:16 a.m.•70 views

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS7.8AI score0.00029EPSS

CVE•added 2022/06/14 10:15 a.m.•69 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

10CVSS9.6AI score0.00701EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

CVE•added 2023/10/03 6:15 a.m.•69 views

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

8.7CVSS7.9AI score0.00024EPSS

CVE•added 2023/11/07 6:15 a.m.•69 views

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS7.2AI score0.00045EPSS

CVE•added 2024/05/06 3:15 p.m.•69 views

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

7.8CVSS7.2AI score0.00082EPSS

CVE•added 2024/07/01 3:15 p.m.•69 views

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2023/07/04 5:15 a.m.•68 views

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

7.8CVSS7.7AI score0.00052EPSS

CVE•added 2024/09/02 12:15 p.m.•68 views

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

8.4CVSS8.2AI score0.00019EPSS

CVE•added 2022/10/19 11:15 a.m.•67 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.0029EPSS

CVE•added 2024/11/04 10:15 a.m.•67 views

CVE-2024-38415

Memory corruption while handling session errors from firmware.

7.8CVSS7.9AI score0.00029EPSS

CVE•added 2025/02/03 5:15 p.m.•67 views

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2023/02/12 4:15 a.m.•66 views

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

9.3CVSS8.4AI score0.0006EPSS

CVE•added 2023/03/10 9:15 p.m.•66 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS

CVE•added 2023/02/12 4:15 a.m.•66 views

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/10/03 6:15 a.m.•66 views

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5CVSS7.7AI score0.00194EPSS

CVE•added 2024/04/01 3:15 p.m.•65 views

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

8.4CVSS8.7AI score0.00044EPSS

CVE•added 2024/02/06 6:16 a.m.•65 views

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2025/05/06 9:15 a.m.•65 views

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

7.8CVSS7.9AI score0.00017EPSS

CVE•added 2023/01/09 8:15 a.m.•64 views

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

8.2CVSS6.8AI score0.00091EPSS

CVE•added 2024/03/04 11:15 a.m.•64 views

CVE-2023-33105

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

7.5CVSS7.7AI score0.02377EPSS

CVE•added 2024/01/02 6:15 a.m.•64 views

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

7.5CVSS7.5AI score0.00325EPSS

CVE•added 2025/03/03 11:15 a.m.•64 views

CVE-2024-53024

Memory corruption in display driver while detaching a device.

7.8CVSS7.4AI score0.00024EPSS

CVE•added 2022/06/14 10:15 a.m.•63 views

CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...

8.2CVSS6.8AI score0.00107EPSS

CVE•added 2023/09/05 7:15 a.m.•63 views

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

8.4CVSS8.1AI score0.0003EPSS

CVE•added 2024/03/04 11:15 a.m.•63 views

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

8.4CVSS8.6AI score0.00051EPSS

CVE•added 2023/01/09 8:15 a.m.•62 views

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.