Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Qualcomm, Inc. Snapdragon

Version QCC2073

OTHER 83 CVEs

Known Vulnerabilities

CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

HIGH CVSS 7.5 Published Jan 06, 2025

CVE-2024-45548

Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-45547

Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-45546

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-43053

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-43050

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-43049

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-38410

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.

HIGH CVSS 7.8 Published Nov 04, 2024

CVE-2024-38409

Memory corruption while station LL statistic handling.

HIGH CVSS 7.8 Published Nov 04, 2024

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

HIGH CVSS 8.2 Published Nov 04, 2024

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

HIGH CVSS 7.5 Published Nov 04, 2024

CVE-2024-38403

Transient DOS while parsing BTM ML IE when per STA profile is not included.

HIGH CVSS 7.5 Published Nov 04, 2024

CVE-2024-33073

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

HIGH CVSS 8.2 Published Oct 07, 2024

CVE-2024-33069

Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.

HIGH CVSS 7.5 Published Oct 07, 2024

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

HIGH CVSS 7.5 Published Oct 07, 2024

CVE-2024-33057

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-33051

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-33048

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-23364

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-33026

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33025

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33024

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33020

Transient DOS while processing TID-to-link mapping IE elements.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33019

Transient DOS while parsing the received TID-to-link mapping action frame.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33015

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33014

Transient DOS while parsing ESP IE from beacon/probe response frame.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33013

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

HIGH CVSS 7.5 Published Aug 05, 2024

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

MEDIUM CVSS 6.5 Published Aug 05, 2024

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

MEDIUM CVSS 6.5 Published Aug 05, 2024

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

MEDIUM CVSS 6.5 Published Jul 01, 2024

CVE-2024-21458

Information disclosure while handling SA query action frame.

MEDIUM CVSS 6.5 Published Jul 01, 2024

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

MEDIUM CVSS 6.5 Published Jul 01, 2024

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.

MEDIUM CVSS 6.5 Published Jul 01, 2024

CVE-2024-23363

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

HIGH CVSS 7.5 Published Jun 03, 2024

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user space.

MEDIUM CVSS 6.7 Published Jun 03, 2024

CVE-2023-43537

Information disclosure while handling T2LM Action Frame in WLAN Host.

MEDIUM CVSS 6.5 Published Jun 03, 2024

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

HIGH CVSS 7.5 Published May 06, 2024

CVE-2023-43553

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

CRITICAL CVSS 9.8 Published Mar 04, 2024

CVE-2023-43552

Memory corruption while processing MBSSID beacon containing several subelement IE.

CRITICAL CVSS 9.8 Published Mar 04, 2024

CVE-2023-43549

Memory corruption while processing TPC target power table in FTM TPC.

HIGH CVSS 8.4 Published Mar 04, 2024

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

HIGH CVSS 7.5 Published Mar 04, 2024

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43534

Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.

HIGH CVSS 8.6 Published Feb 06, 2024

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43523

Transient DOS while processing 11AZ RTT management action frame received through OTA.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.

HIGH CVSS 8.6 Published Feb 06, 2024

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

HIGH CVSS 8.4 Published Dec 05, 2023

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

HIGH CVSS 7.5 Published Nov 07, 2023

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

HIGH CVSS 7.5 Published Nov 07, 2023

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

HIGH CVSS 7.5 Published Nov 07, 2023

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

HIGH CVSS 7.5 Published Nov 07, 2023

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CRITICAL CVSS 9.8 Published Nov 07, 2023

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

MEDIUM CVSS 6.6 Published Nov 07, 2023

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

MEDIUM CVSS 6.1 Published Nov 07, 2023

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CRITICAL CVSS 9.8 Published Oct 03, 2023

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

HIGH CVSS 7.5 Published Oct 03, 2023

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

HIGH CVSS 7.5 Published Oct 03, 2023

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

MEDIUM CVSS 6.1 Published Oct 03, 2023

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

MEDIUM CVSS 6.6 Published Oct 03, 2023

CVE-2023-21661

Transient DOS while parsing WLAN beacon or probe-response frame.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information Elements.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

HIGH CVSS 7.8 Published Jun 06, 2023