Known Vulnerabilities
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33011
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2024-21473
Memory corruption while redirecting log file to any file location with any file name.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2023-33116
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.
CVE-2023-33083
Memory corruption in WLAN Host while processing RRM beacon on the AP.
CVE-2023-33082
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.
CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-28569
Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-28553
Information Disclosure in WLAN Host when processing WMI event command.
CVE-2023-28539
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
CVE-2023-28544
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
CVE-2023-28541
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2023-22387
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-33279
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
CVE-2022-33243
Memory corruption due to improper access control in Qualcomm IPC.
CVE-2022-33265
Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.
CVE-2022-25722
Information exposure in DSP services due to improper handling of freeing memory