Qualcomm Ipq8074 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Ipq8074 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2020-11117 — CVSS 9.8 (critical): u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content…
CVE-2021-35104 — CVSS 9.8 (critical): Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10546 — CVSS 9.8 (critical): Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon…
CVE-2019-14031 — CVSS 9.8 (critical): Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11134 — CVSS 9.8 (critical): Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup…
CVE-2019-10539 — CVSS 9.8 (critical): Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon…
CVE-2020-11172 — CVSS 9.8 (critical): u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in…
CVE-2021-1976 — CVSS 9.8 (critical): A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10540 — CVSS 9.8 (critical): Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto…
CVE-2018-13924 — CVSS 9.8 (critical): Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14083 — CVSS 9.8 (critical): While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is…
CVE-2019-14097 — CVSS 9.8 (critical): Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14098 — CVSS 9.8 (critical): Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon…
CVE-2019-14110 — CVSS 9.8 (critical): Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer…
CVE-2019-14111 — CVSS 9.8 (critical): Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
CVE-2019-14112 — CVSS 9.8 (critical): Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon…
CVE-2019-14113 — CVSS 9.8 (critical): Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in…
CVE-2019-14114 — CVSS 9.8 (critical): Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto…
CVE-2019-14134 — CVSS 9.8 (critical): Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2020-3667 — CVSS 9.8 (critical): u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto…
CVE-2021-30351 — CVSS 9.8 (critical): An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon…
CVE-2019-2249 — CVSS 9.8 (critical): Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3614 — CVSS 9.8 (critical): Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto…
CVE-2022-25748 — CVSS 9.8 (critical): Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2300 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto…
CVE-2020-3668 — CVSS 9.8 (critical): u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon…
CVE-2019-2311 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto…
CVE-2020-3669 — CVSS 9.8 (critical): u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3675 — CVSS 9.8 (critical): u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto…
CVE-2019-14082 — CVSS 9.1 (critical): Potential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer…
CVE-2019-10622 — CVSS 9.1 (critical): Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in…
CVE-2019-14063 — CVSS 9.1 (critical): Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11159 — CVSS 9.1 (critical): Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer…
CVE-2018-13906 — CVSS 9.1 (critical): The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2020-11126 — CVSS 9.1 (critical): Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11276 — CVSS 9.1 (critical): Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2022-25652 — CVSS 9.0 (critical): Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking
CVE-2021-1924 — CVSS 9.0 (critical): Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11269 — CVSS 8.8 (high): Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto…
CVE-2020-11267 — CVSS 8.4 (high): Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto…
CVE-2022-33275 — CVSS 8.4 (high): Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
CVE-2021-30260 — CVSS 8.4 (high): Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist…
CVE-2021-30288 — CVSS 8.4 (high): Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon…
CVE-2021-1891 — CVSS 8.4 (high): A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon…
CVE-2021-30335 — CVSS 8.4 (high): Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon…
CVE-2022-33277 — CVSS 8.4 (high): Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2021-1927 — CVSS 8.4 (high): Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute…
CVE-2022-40531 — CVSS 8.4 (high): Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2022-40532 — CVSS 8.4 (high): Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2022-40530 — CVSS 8.4 (high): Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2021-30337 — CVSS 8.4 (high): Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto…
CVE-2022-33235 — CVSS 8.2 (high): Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35088 — CVSS 8.2 (high): Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon…
CVE-2017-18141 — CVSS 7.8 (high): When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to…
CVE-2017-18330 — CVSS 7.8 (high): Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear…
CVE-2018-11289 — CVSS 7.8 (high): Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in…
CVE-2018-11821 — CVSS 7.8 (high): Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206…
CVE-2018-11847 — CVSS 7.8 (high): Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE…
CVE-2018-11849 — CVSS 7.8 (high): Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11853 — CVSS 7.8 (high): Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile…
CVE-2018-11866 — CVSS 7.8 (high): Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon…
CVE-2018-11871 — CVSS 7.8 (high): Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon…
CVE-2018-11925 — CVSS 7.8 (high): Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto…
CVE-2018-11928 — CVSS 7.8 (high): Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11938 — CVSS 7.8 (high): Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto…
CVE-2018-11968 — CVSS 7.8 (high): Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2018-13908 — CVSS 7.8 (high): Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon…
CVE-2018-13910 — CVSS 7.8 (high): Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon…
CVE-2018-13916 — CVSS 7.8 (high): Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in…
CVE-2019-10480 — CVSS 7.8 (high): Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon…
CVE-2019-10481 — CVSS 7.8 (high): Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in…
CVE-2019-10491 — CVSS 7.8 (high): ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10499 — CVSS 7.8 (high): Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. in…
CVE-2019-10512 — CVSS 7.8 (high): Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-10518 — CVSS 7.8 (high): Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10536 — CVSS 7.8 (high): Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on…
CVE-2019-10547 — CVSS 7.8 (high): When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto…
CVE-2019-10597 — CVSS 7.8 (high): kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10600 — CVSS 7.8 (high): Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in…
CVE-2019-10601 — CVSS 7.8 (high): Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon…
CVE-2019-10605 — CVSS 7.8 (high): Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in…
CVE-2019-10607 — CVSS 7.8 (high): Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in…
CVE-2019-10629 — CVSS 7.8 (high): u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-13992 — CVSS 7.8 (high): u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-13999 — CVSS 7.8 (high): u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage'…
CVE-2019-14000 — CVSS 7.8 (high): Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and…
CVE-2019-14026 — CVSS 7.8 (high): Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14027 — CVSS 7.8 (high): Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon…
CVE-2019-14028 — CVSS 7.8 (high): Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14036 — CVSS 7.8 (high): Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-14060 — CVSS 7.8 (high): Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…
CVE-2019-14135 — CVSS 7.8 (high): Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2274 — CVSS 7.8 (high): Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2019-2288 — CVSS 7.8 (high): Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto…
CVE-2019-2297 — CVSS 7.8 (high): Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics…
CVE-2019-2299 — CVSS 7.8 (high): An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. in Snapdragon Auto, Snapdragon…
CVE-2019-2304 — CVSS 7.8 (high): Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon…
CVE-2019-2321 — CVSS 7.8 (high): Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto…
CVE-2019-2346 — CVSS 7.8 (high): Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon…
CVE-2020-11125 — CVSS 7.8 (high): u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon…
CVE-2020-11162 — CVSS 7.8 (high): u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in…
CVE-2020-11174 — CVSS 7.8 (high): u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto…
CVE-2020-11204 — CVSS 7.8 (high): Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters…
CVE-2020-11235 — CVSS 7.8 (high): Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon…
CVE-2020-11271 — CVSS 7.8 (high): Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11289 — CVSS 7.8 (high): Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3618 — CVSS 7.8 (high): NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-3666 — CVSS 7.8 (high): u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3696 — CVSS 7.8 (high): u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking…
CVE-2021-1915 — CVSS 7.8 (high): Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30303 — CVSS 7.8 (high): Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute…
CVE-2021-35069 — CVSS 7.8 (high): Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute…
CVE-2023-33080 — CVSS 7.5 (high): Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2020-11270 — CVSS 7.5 (high): Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter…
CVE-2021-1925 — CVSS 7.5 (high): Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11241 — CVSS 7.5 (high): Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon…
CVE-2021-1937 — CVSS 7.5 (high): Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon…
CVE-2021-1938 — CVSS 7.5 (high): Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1941 — CVSS 7.5 (high): Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1943 — CVSS 7.5 (high): Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in…
CVE-2021-1945 — CVSS 7.5 (high): Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-1948 — CVSS 7.5 (high): Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon…
CVE-2021-1953 — CVSS 7.5 (high): Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon…
CVE-2021-1954 — CVSS 7.5 (high): Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon…
CVE-2021-1964 — CVSS 7.5 (high): Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon…
CVE-2021-1971 — CVSS 7.5 (high): Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2020-11238 — CVSS 7.5 (high): Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1974 — CVSS 7.5 (high): Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon…
CVE-2021-1980 — CVSS 7.5 (high): Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11119 — CVSS 7.5 (high): Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto…
CVE-2021-30302 — CVSS 7.5 (high): Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute…
CVE-2023-33105 — CVSS 7.5 (high): Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence…
CVE-2021-30312 — CVSS 7.5 (high): Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25736 — CVSS 7.5 (high): Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute…
CVE-2022-25749 — CVSS 7.5 (high): Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-33237 — CVSS 7.5 (high): Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-33238 — CVSS 7.5 (high): Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon…
CVE-2018-5837 — CVSS 7.5 (high): In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD…
CVE-2022-40512 — CVSS 7.5 (high): Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2023-43511 — CVSS 7.5 (high): Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next…
CVE-2020-3645 — CVSS 7.5 (high): Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon…
CVE-2020-11296 — CVSS 7.5 (high): Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11281 — CVSS 7.5 (high): Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in…
CVE-2020-11280 — CVSS 7.5 (high): Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to…
CVE-2020-3700 — CVSS 7.5 (high): Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no…
CVE-2021-1887 — CVSS 7.5 (high): An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure…
CVE-2020-11278 — CVSS 7.5 (high): Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1909 — CVSS 7.3 (high): Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-30270 — CVSS 7.3 (high): Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon…
CVE-2021-30272 — CVSS 7.3 (high): Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto…
CVE-2019-14081 — CVSS 7.1 (high): Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute…
CVE-2019-14053 — CVSS 7.1 (high): When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to…
CVE-2020-3619 — CVSS 7.0 (high): u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption'…
CVE-2019-14070 — CVSS 7.0 (high): Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdragon Auto…
CVE-2020-11173 — CVSS 7.0 (high): u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1895 — CVSS 6.8 (medium): Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT…
CVE-2021-30264 — CVSS 6.7 (medium): Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon…
CVE-2021-30313 — CVSS 6.7 (medium): Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto…
CVE-2021-30324 — CVSS 6.7 (medium): Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in…
CVE-2021-30325 — CVSS 6.7 (medium): Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon…
CVE-2021-30266 — CVSS 6.7 (medium): Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto…