Wcd9380 Firmware Security Vulnerabilities and Issues — Page 3 of Wcd9380 Firmware CVE List

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructu...

10CVSS9.6AI score0.00356EPSS

CVE•added 2023/11/07 6:15 a.m.•106 views

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2024/02/06 6:16 a.m.•106 views

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.

9.8CVSS9.5AI score0.00204EPSS

CVE•added 2024/03/04 11:15 a.m.•106 views

CVE-2023-43552

Memory corruption while processing MBSSID beacon containing several subelement IE.

9.8CVSS9.8AI score0.00227EPSS

CVE•added 2024/03/04 11:15 a.m.•106 views

CVE-2023-43553

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

9.8CVSS9.8AI score0.00291EPSS

CVE•added 2022/06/14 10:15 a.m.•105 views

CVE-2022-22090

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

8.4CVSS7.9AI score0.00043EPSS

CVE•added 2023/09/05 7:15 a.m.•105 views

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

9.8CVSS9.8AI score0.00133EPSS

CVE•added 2022/09/16 6:15 a.m.•104 views

CVE-2022-25670

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

7.5CVSS7.5AI score0.00149EPSS

CVE•added 2023/10/03 6:15 a.m.•104 views

CVE-2023-33034

Memory corruption while parsing the ADSP response command.

7.8CVSS7.9AI score0.00059EPSS

CVE•added 2023/12/05 3:15 a.m.•104 views

CVE-2023-33053

Memory corruption in Kernel while parsing metadata.

8.4CVSS8.2AI score0.00128EPSS

CVE•added 2024/01/02 6:15 a.m.•104 views

CVE-2023-33094

Memory corruption while running VK synchronization with KASAN enabled.

8.4CVSS7.8AI score0.00078EPSS

CVE•added 2024/01/02 6:15 a.m.•104 views

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

7.8CVSS6.8AI score0.00085EPSS

CVE•added 2024/01/02 6:15 a.m.•104 views

CVE-2023-33117

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

7.8CVSS7.8AI score0.0011EPSS

CVE•added 2024/07/01 3:15 p.m.•104 views

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

8.4CVSS8.3AI score0.00112EPSS

CVE•added 2022/04/01 5:15 a.m.•103 views

CVE-2021-30332

Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/06/14 10:15 a.m.•103 views

CVE-2022-22064

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00369EPSS

CVE•added 2023/11/07 6:15 a.m.•103 views

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

7.8CVSS7.7AI score0.00062EPSS

CVE•added 2024/02/06 6:16 a.m.•103 views

CVE-2023-43516

Memory corruption when malformed message payload is received from firmware.

7.8CVSS7.8AI score0.00053EPSS

CVE•added 2025/01/06 11:15 a.m.•103 views

CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

7.5CVSS7.5AI score0.00133EPSS

CVE•added 2021/09/08 12:15 p.m.•102 views

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...

10CVSS8.1AI score0.00263EPSS

CVE•added 2021/09/17 7:15 a.m.•102 views

CVE-2021-1976

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Ne...

10CVSS9.3AI score0.00285EPSS

CVE•added 2022/02/11 11:15 a.m.•102 views

CVE-2021-30326

Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2024/03/04 11:15 a.m.•102 views

CVE-2023-28582

Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.

9.8CVSS9.7AI score0.00167EPSS

CVE•added 2023/10/03 6:15 a.m.•102 views

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•102 views

CVE-2023-33074

Memory corruption in Audio when SSR event is triggered after music playback is stopped.

8.4CVSS8.1AI score0.0003EPSS

CVE•added 2024/01/02 6:15 a.m.•102 views

CVE-2023-33114

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

8.4CVSS7.9AI score0.00112EPSS

CVE•added 2024/03/04 11:15 a.m.•102 views

CVE-2023-43546

Memory corruption while invoking HGSL IOCTL context create.

8.4CVSS8.7AI score0.00095EPSS

CVE•added 2021/09/09 8:15 a.m.•101 views

CVE-2021-1941

Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.8CVSS7.6AI score0.00371EPSS

CVE•added 2022/12/13 4:15 p.m.•101 views

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.2CVSS8AI score0.00097EPSS

CVE•added 2025/05/06 9:15 a.m.•101 views

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

7.8CVSS8AI score0.00022EPSS

CVE•added 2021/09/08 12:15 p.m.•100 views

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS7.2AI score0.02348EPSS

CVE•added 2021/07/13 6:15 a.m.•100 views

CVE-2021-1898

Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

4.6CVSS5.2AI score0.00046EPSS

CVE•added 2022/02/11 11:15 a.m.•100 views

CVE-2021-30317

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

9.3CVSS7.7AI score0.00041EPSS

CVE•added 2022/06/14 10:15 a.m.•100 views

CVE-2022-22087

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.7AI score0.00369EPSS

CVE•added 2024/03/04 11:15 a.m.•100 views

CVE-2023-43547

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

8.4CVSS8.6AI score0.00095EPSS

CVE•added 2025/02/03 5:15 p.m.•100 views

CVE-2024-49843

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

7.8CVSS7.8AI score0.00027EPSS

CVE•added 2022/09/16 6:15 a.m.•99 views

CVE-2022-25693

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile

8.4CVSS7.9AI score0.00068EPSS

CVE•added 2022/09/16 6:15 a.m.•99 views

CVE-2022-25706

Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.2CVSS7.6AI score0.00107EPSS

CVE•added 2022/11/15 10:15 a.m.•99 views

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00122EPSS

CVE•added 2022/10/19 11:15 a.m.•99 views

CVE-2022-33217

Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon Mobile

7.8CVSS7.9AI score0.00071EPSS

CVE•added 2023/07/04 5:15 a.m.•99 views

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•99 views

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

8.8CVSS7.3AI score0.00102EPSS

CVE•added 2024/02/06 6:15 a.m.•99 views

CVE-2023-33064

Transient DOS in Audio when invoking callback function of ASM driver.