Sa6150p Firmware Security Vulnerabilities and Issues — Page 4 of Sa6150p Firmware CVE List

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...

9.4CVSS9AI score0.00286EPSS

CVE•added 2021/06/09 5:15 a.m.•76 views

CVE-2020-11159

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon I...

9.4CVSS9.2AI score0.00239EPSS

CVE•added 2021/05/07 9:15 a.m.•76 views

CVE-2021-1927

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired In...

8.4CVSS7.7AI score0.00037EPSS

CVE•added 2022/01/03 8:15 a.m.•76 views

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.1CVSS5.5AI score0.00045EPSS

CVE•added 2022/06/14 10:15 a.m.•76 views

CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wear...

8.4CVSS7.6AI score0.00143EPSS

CVE•added 2024/09/02 12:15 p.m.•76 views

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

7.8CVSS8AI score0.00039EPSS

CVE•added 2021/06/09 5:15 a.m.•75 views

CVE-2020-11241

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2021/02/22 7:15 a.m.•75 views

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS8.8AI score0.00074EPSS

CVE•added 2021/07/13 6:15 a.m.•75 views

CVE-2021-1890

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.2AI score0.00039EPSS

CVE•added 2021/05/07 9:15 a.m.•75 views

CVE-2021-1891

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon W...

8.4CVSS7.7AI score0.00044EPSS

CVE•added 2023/08/08 10:15 a.m.•75 views

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

7.7CVSS7AI score0.00047EPSS

CVE•added 2023/08/08 10:15 a.m.•75 views

CVE-2023-28575

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

7.8CVSS6.9AI score0.00038EPSS

CVE•added 2025/03/03 11:15 a.m.•75 views

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

7.8CVSS7.4AI score0.00024EPSS

CVE•added 2021/06/09 5:15 a.m.•74 views

CVE-2020-11165

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastruc...

7.8CVSS8.1AI score0.00041EPSS

CVE•added 2021/02/22 7:15 a.m.•74 views

CVE-2020-11276

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer I...

9.4CVSS9.1AI score0.00239EPSS

CVE•added 2023/09/05 7:15 a.m.•74 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS8.1AI score0.00044EPSS

CVE•added 2023/03/10 9:15 p.m.•74 views

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS8.3AI score0.00046EPSS

CVE•added 2023/11/07 6:15 a.m.•74 views

CVE-2023-28570

Memory corruption while processing audio effects.

7.8CVSS7.2AI score0.0004EPSS

CVE•added 2024/09/02 12:15 p.m.•74 views

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

7.5CVSS7.6AI score0.00264EPSS

CVE•added 2021/06/09 7:15 a.m.•73 views

CVE-2020-11267

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS7.8AI score0.00043EPSS

CVE•added 2021/10/20 7:15 a.m.•73 views

CVE-2021-30306

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.1AI score0.00043EPSS

CVE•added 2022/01/13 12:15 p.m.•73 views

CVE-2021-30319

Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

7.8CVSS7.9AI score0.0012EPSS

CVE•added 2022/06/14 10:15 a.m.•73 views

CVE-2021-35100

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00721EPSS

CVE•added 2023/02/12 4:15 a.m.•73 views

CVE-2022-33216

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

6CVSS5.5AI score0.00022EPSS

CVE•added 2023/08/08 10:15 a.m.•73 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS

CVE•added 2021/06/09 5:15 a.m.•72 views

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2021/09/09 8:15 a.m.•72 views

CVE-2021-30294

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS5.8AI score0.00101EPSS

CVE•added 2022/01/03 8:15 a.m.•72 views

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

8.4CVSS7.8AI score0.00037EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2024/02/06 6:16 a.m.•72 views

CVE-2023-33068

Memory corruption in Audio while processing IIR config data from AFE calibration block.

7.8CVSS7.8AI score0.0002EPSS

CVE•added 2024/05/06 3:15 p.m.•72 views

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

8.4CVSS7.2AI score0.00082EPSS

CVE•added 2024/10/07 1:15 p.m.•72 views

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2024/11/04 10:15 a.m.•72 views

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2021/02/22 7:15 a.m.•71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2021/02/22 7:15 a.m.•71 views

CVE-2020-11278

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2021/09/08 12:15 p.m.•71 views

CVE-2021-1904

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

6.2CVSS5.5AI score0.00094EPSS

CVE•added 2021/09/17 7:15 a.m.•71 views

CVE-2021-1939

Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS5.6AI score0.00033EPSS

CVE•added 2021/10/20 7:15 a.m.•71 views

CVE-2021-1977

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon I...

9.1CVSS7.6AI score0.00336EPSS

CVE•added 2022/01/03 8:15 a.m.•71 views

CVE-2021-30262

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS7.6AI score0.00043EPSS

CVE•added 2022/06/14 10:15 a.m.•71 views

CVE-2021-30350

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.9AI score0.00199EPSS

CVE•added 2023/06/06 8:15 a.m.•71 views

CVE-2022-33303

Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message queue.

5.5CVSS5.3AI score0.00052EPSS

CVE•added 2023/03/10 9:15 p.m.•71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•71 views

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS7.2AI score0.00045EPSS

CVE•added 2023/11/07 6:15 a.m.•71 views

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

6.1CVSS5.7AI score0.00056EPSS

CVE•added 2024/03/04 11:15 a.m.•71 views

CVE-2023-33090

Transient DOS while processing channel information for speaker protection v2 module in ADSP.

5.5CVSS5.4AI score0.00061EPSS

CVE•added 2024/09/02 12:15 p.m.•71 views

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

8.4CVSS8.2AI score0.00039EPSS

CVE•added 2021/07/13 6:15 a.m.•70 views

CVE-2021-1938

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

7.5CVSS7.6AI score0.0026EPSS

Total number of security vulnerabilities518