Wcd9380 Firmware Security Vulnerabilities and Issues — Page 17 of Wcd9380 Firmware CVE List

7.8CVSS7.8AI score0.00035EPSS

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

7.8CVSS7.2AI score0.0003EPSS

CVE-2021-1921

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.2AI score0.00216EPSS

CVE-2021-1946

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS6.6AI score0.00059EPSS

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruct...

9.1CVSS9AI score0.00286EPSS

CVE-2021-1981

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.5AI score0.0026EPSS

CVE-2021-1982

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS6.7AI score0.00048EPSS

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE•added 2022/01/03 8:15 a.m.•42 views

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.00054EPSS

CVE•added 2022/01/03 8:15 a.m.•42 views

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.8AI score0.00039EPSS

8.4CVSS7.6AI score0.00035EPSS

CVE-2021-30295

Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE•added 2021/10/20 7:15 a.m.•42 views

CVE-2021-30316

Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.6AI score0.00033EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2023-43531

Memory corruption while verifying the serialized header when the key pairs are generated.

8.4CVSS7.1AI score0.00045EPSS

CVE•added 2024/06/03 10:15 a.m.•42 views

CVE-2023-43538

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

9.3CVSS9.5AI score0.00048EPSS

CVE•added 2024/07/01 3:15 p.m.•42 views

CVE-2024-21460

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.

7.1CVSS6.5AI score0.00032EPSS

CVE•added 2024/07/01 3:15 p.m.•42 views

CVE-2024-21462

Transient DOS while loading the TA ELF file.

7.1CVSS6.1AI score0.00033EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

8.4CVSS7.3AI score0.00061EPSS

CVE•added 2024/06/03 10:15 a.m.•42 views

CVE-2024-23360

Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.

8.4CVSS8.6AI score0.00069EPSS

CVE•added 2024/08/05 3:15 p.m.•42 views

CVE-2024-33026

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•42 views

CVE-2024-33034

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

8.4CVSS8.7AI score0.00035EPSS

6.1CVSS6.3AI score0.00019EPSS

CVE-2024-38417

Information disclosure while processing IO control commands.

7.8CVSS7.9AI score0.00014EPSS

CVE-2024-38418

Memory corruption while parsing the memory map info in IOCTL calls.

8.8CVSS8.9AI score0.00036EPSS

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

CVE•added 2024/12/02 11:15 a.m.•42 views

CVE-2024-43050

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

7.8CVSS7.9AI score0.00027EPSS

7.8CVSS7.8AI score0.00014EPSS

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.