| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in WLAN HAL while handling command through WMI interfaces. |
| Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information. |
| Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. |
| Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. |
| Memory corruption in WLAN HAL while parsing WMI command parameters. |
| Memory corruption in WLAN handler while processing PhyID in Tx status handler. |
| Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. |
| Transient DOS in WLAN Firmware while processing frames with missing header fields. |
| Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. |
| Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. |
| Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. |
| Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. |
| Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs. |
| Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. |
| Information disclosure due to buffer over-read in WLAN while parsing NMF frame. |
| Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking |
| Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
| Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity |
