CVE-2023-33082

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CVE-2023-43553

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

CVE-2023-43552

Memory corruption while processing MBSSID beacon containing several subelement IE.

CVE-2023-33053

Memory corruption in Kernel while parsing metadata.

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CVE-2023-33072

Memory corruption in Core while processing control functions.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

CVE-2023-33105

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2023-43549

Memory corruption while processing TPC target power table in FTM TPC.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-33116

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.

CVE-2024-23363

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

CVE-2023-43523

Transient DOS while processing 11AZ RTT management action frame received through OTA.

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

CVE-2023-33083

Memory corruption in WLAN Host while processing RRM beacon on the AP.

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

CVE-2024-21462

Transient DOS while loading the TA ELF file.

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2023-43537

Information disclosure while handling T2LM Action Frame in WLAN Host.