CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

CVE-2023-33082

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

CVE-2023-33053

Memory corruption in Kernel while parsing metadata.

CVE-2022-40513

Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos state.

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

CVE-2022-33279

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

CVE-2022-34146

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

CVE-2022-33306

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

CVE-2022-33309

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

CVE-2022-40502

Transient DOS due to improper input validation in WLAN Host.

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2022-40535

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2023-21661

Transient DOS while parsing WLAN beacon or probe-response frame.

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in log.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information Elements.

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

CVE-2022-40522

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.