Snapdragon Ar2 Gen 1 Platform Firmware
Monthly
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in HLOS while invoking IOCTL calls from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Bluetooth Host while rfc slot allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing t2lm buffers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing no-inherit IES. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in core services when Diag handler receives a command to configure event listeners. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in DSP Service during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in HLOS while registering for key provisioning notify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Audio while remapping channel buffer in media codec decoding. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing FT Information Elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN HOST while receiving an WMI event from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in HLOS while invoking IOCTL calls from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Bluetooth Host while rfc slot allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing t2lm buffers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing no-inherit IES. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in core services when Diag handler receives a command to configure event listeners. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in DSP Service during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption in HLOS while registering for key provisioning notify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS in Audio while remapping channel buffer in media codec decoding. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while parsing FT Information Elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory corruption in WLAN HOST while receiving an WMI event from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.