Known Vulnerabilities
CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2023-21625
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2022-40505
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
CVE-2022-33291
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
CVE-2022-33287
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
CVE-2022-33222
Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
CVE-2022-25731
Information disclosure in modem due to buffer over-read while processing packets from DNS server
CVE-2022-25730
Information disclosure in modem due to improper check of IP type while processing DNS server query
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-33229
Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.
CVE-2022-25738
Information disclosure in modem due to buffer over-red while performing checksum of packet received
CVE-2022-25734
Denial of service in modem due to missing null check while processing IP packets with padding
CVE-2022-25733
Denial of service in modem due to null pointer dereference while processing DNS packets