Qcn9074 Firmware Security Vulnerabilities and Issues — Page 7 of Qcn9074 Firmware CVE List

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5CVSS6.8AI score0.00294EPSS

CVE•added 2025/03/03 11:15 a.m.•42 views

CVE-2024-43057

Memory corruption while processing command in Glink linux.

7.8CVSS7.5AI score0.00024EPSS

CVE•added 2022/01/03 8:15 a.m.•41 views

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & ...

7.8CVSS7.6AI score0.00031EPSS

CVE•added 2021/09/17 7:15 a.m.•40 views

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

8.4CVSS8AI score0.00054EPSS

CVE•added 2022/01/03 8:15 a.m.•40 views

CVE-2021-30282

Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networkin...

8.4CVSS7.7AI score0.00033EPSS

CVE•added 2023/01/09 8:15 a.m.•40 views

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.

7.5CVSS7.5AI score0.00125EPSS

CVE•added 2024/08/05 3:15 p.m.•40 views

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

7.5CVSS6.5AI score0.00101EPSS

CVE•added 2021/10/20 7:15 a.m.•39 views

CVE-2021-30302

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrast...

7.5CVSS7.3AI score0.00228EPSS

CVE•added 2023/01/09 8:15 a.m.•39 views

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

8.4CVSS8.3AI score0.00091EPSS

CVE•added 2024/08/05 3:15 p.m.•38 views

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

7.5CVSS6.5AI score0.00126EPSS

CVE•added 2024/12/02 11:15 a.m.•38 views

CVE-2024-33037

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

6.1CVSS6.2AI score0.00025EPSS

CVE•added 2024/11/04 10:15 a.m.•38 views

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

9.1CVSS9AI score0.00083EPSS

CVE•added 2024/12/02 11:15 a.m.•37 views

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/11/04 10:15 a.m.•35 views

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.