Ipq9008 Firmware
Monthly
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.