167 matches found
CVE-2023-33047
Transient DOS in WLAN Firmware while parsing no-inherit IES.
CVE-2023-33083
Memory corruption in WLAN Host while processing RRM beacon on the AP.
CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2023-43522
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
CVE-2024-33013
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-43539
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2024-33044
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
CVE-2022-33237
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
CVE-2022-40525
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.
CVE-2023-33088
Memory corruption when processing cmd parameters while parsing vdev.
CVE-2022-33238
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
CVE-2023-28573
Memory corruption in WLAN HAL while parsing WMI command parameters.
CVE-2022-33252
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
CVE-2022-33276
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2024-49845
Memory corruption during the FRS UDS generation process.
CVE-2023-28548
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2023-33089
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2024-33011
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-33018
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
CVE-2024-33019
Transient DOS while parsing the received TID-to-link mapping action frame.
CVE-2024-33025
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2023-33016
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
CVE-2024-21482
Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image.
CVE-2024-49842
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2022-25736
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2024-53011
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.
CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2024-43051
Information disclosure while deriving keys for a session for any Widevine use case.
CVE-2024-43057
Memory corruption while processing command in Glink linux.
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow