Qualcomm Ar9380 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Ar9380 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (143)
CVE-2022-40514 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2021-1965 — CVSS 9.8 (critical): Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25748 — CVSS 9.8 (critical): Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2020-11126 — CVSS 9.1 (critical): Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11276 — CVSS 9.1 (critical): Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11269 — CVSS 8.8 (high): Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto…
CVE-2021-30260 — CVSS 8.4 (high): Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist…
CVE-2022-33275 — CVSS 8.4 (high): Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
CVE-2022-33276 — CVSS 8.4 (high): Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
CVE-2022-33277 — CVSS 8.4 (high): Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2021-1947 — CVSS 8.4 (high): Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon…
CVE-2022-40531 — CVSS 8.4 (high): Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2022-40532 — CVSS 8.4 (high): Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2020-11267 — CVSS 8.4 (high): Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto…
CVE-2021-1927 — CVSS 8.4 (high): Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2021-30335 — CVSS 8.4 (high): Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon…
CVE-2021-1891 — CVSS 8.4 (high): A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon…
CVE-2021-35088 — CVSS 8.2 (high): Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon…
CVE-2022-33235 — CVSS 8.2 (high): Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto…
CVE-2026-24088 — CVSS 8.2 (high): Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVE-2021-30303 — CVSS 7.8 (high): Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1915 — CVSS 7.8 (high): Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35069 — CVSS 7.8 (high): Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35103 — CVSS 7.8 (high): Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon…
CVE-2020-11271 — CVSS 7.8 (high): Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11235 — CVSS 7.8 (high): Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon…
CVE-2020-11238 — CVSS 7.5 (high): Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11241 — CVSS 7.5 (high): Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon…
CVE-2020-11270 — CVSS 7.5 (high): Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter…
CVE-2020-11280 — CVSS 7.5 (high): Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to…
CVE-2020-11296 — CVSS 7.5 (high): Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1887 — CVSS 7.5 (high): An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure…
CVE-2021-1925 — CVSS 7.5 (high): Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1937 — CVSS 7.5 (high): Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon…
CVE-2021-1938 — CVSS 7.5 (high): Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1941 — CVSS 7.5 (high): Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1943 — CVSS 7.5 (high): Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in…
CVE-2021-1945 — CVSS 7.5 (high): Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-1948 — CVSS 7.5 (high): Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon…
CVE-2021-1953 — CVSS 7.5 (high): Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon…
CVE-2021-1954 — CVSS 7.5 (high): Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon…
CVE-2021-1964 — CVSS 7.5 (high): Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon…
CVE-2021-1974 — CVSS 7.5 (high): Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon…
CVE-2021-1980 — CVSS 7.5 (high): Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30302 — CVSS 7.5 (high): Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute…
CVE-2021-30312 — CVSS 7.5 (high): Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25667 — CVSS 7.5 (high): Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking
CVE-2022-25736 — CVSS 7.5 (high): Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25749 — CVSS 7.5 (high): Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-33237 — CVSS 7.5 (high): Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-33238 — CVSS 7.5 (high): Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon…
CVE-2022-33306 — CVSS 7.5 (high): Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVE-2022-40512 — CVSS 7.5 (high): Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2023-33105 — CVSS 7.5 (high): Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence…
CVE-2023-43511 — CVSS 7.5 (high): Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next…
CVE-2020-11119 — CVSS 7.5 (high): Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto…
CVE-2024-33011 — CVSS 7.5 (high): Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-33012 — CVSS 7.5 (high): Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33050 — CVSS 7.5 (high): Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2025-21446 — CVSS 7.5 (high): Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
CVE-2021-1909 — CVSS 7.3 (high): Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1895 — CVSS 6.8 (medium): Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT…
CVE-2021-1962 — CVSS 6.7 (medium): Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint…
CVE-2022-25677 — CVSS 6.7 (medium): Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2022-25666 — CVSS 6.7 (medium): Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30325 — CVSS 6.7 (medium): Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon…
CVE-2021-30324 — CVSS 6.7 (medium): Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in…
CVE-2021-30313 — CVSS 6.7 (medium): Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto…
CVE-2021-30266 — CVSS 6.7 (medium): Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto…
CVE-2021-30264 — CVSS 6.7 (medium): Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon…
CVE-2021-35071 — CVSS 5.5 (medium): Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service…
CVE-2021-1903 — CVSS 5.3 (medium): Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response…
CVE-2021-1928 — CVSS 4.6 (medium): Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon…