| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking |
| Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Information exposure in DSP services due to improper handling of freeing memory |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. |
| Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. |
| Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. |
| Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. |
| Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. |
| Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. |
| Memory corruption in WLAN HAL while handling command streams through WMI interfaces. |
| Memory corruption in WLAN HAL while handling command through WMI interfaces. |
| Memory corruption while redirecting log file to any file location with any file name. |
| Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. |
| Memory corruption in WLAN Host while processing RRM beacon on the AP. |
| Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. |
| Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. |
| Transient DOS while parsing fragments of MBSSID IE from beacon frame. |
| Memory corruption when allocating and accessing an entry in an SMEM partition. |
