| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Information disclosure in WLAN HAL while handling command through WMI interfaces. |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
| Transient DOS while decoding message of size that exceeds the available system memory. |
| Memory corruption while running VK synchronization with KASAN enabled. |
| Transient DOS may occur while processing the country IE. |
| Transient DOS while processing 11AZ RTT management action frame received through OTA. |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. |
| Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. |
| Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. |
| Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. |
| Information disclosure in Core services while processing a Diag command. |
| Memory corruption in HLOS while running playready use-case. |
| Transient DOS in Data Modem during DTLS handshake. |
| Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |
| Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. |
