37 matches found
CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info.
CVE-2024-45558
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-33100
Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-45571
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2023-33101
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2023-33099
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
CVE-2024-23363
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2024-49835
Memory corruption while reading secure file.
CVE-2023-33086
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.
CVE-2023-33095
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.
CVE-2023-33103
Transient DOS while processing CAG info IE received from NW.
CVE-2023-33084
Transient DOS while processing IE fragments from server during DTLS handshake.
CVE-2023-43539
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
CVE-2023-33096
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.
CVE-2023-33104
Transient DOS while processing PDU Release command with a parameter PDU ID out of range.
CVE-2024-49845
Memory corruption during the FRS UDS generation process.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2024-49842
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2023-43542
Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.
CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2023-43530
Memory corruption in HLOS while checking for the storage type.
CVE-2023-43529
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2025-21422
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
CVE-2025-21454
Transient DOS while processing received beacon frame.
CVE-2024-53009
Memory corruption while operating the mailbox in Automotive.
CVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.
CVE-2025-21446
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
CVE-2025-21449
Transient DOS may occur while processing malformed length field in SSID IEs.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.
CVE-2025-27057
Transient DOS while handling beacon frames with invalid IE header length.