qca9561_firmware

qualcomm / apq8009_firmware+246

Published Sep 8, 2021

Page 1 of 2

CVE-2021-1976

CRITICAL9.8

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+268

Published Sep 17, 2021

CVE-2020-11301

CRITICAL9.1

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+316

Published Sep 8, 2021

CVE-2021-1924

CRITICAL9.0

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+537

Published Nov 12, 2021

CVE-2020-11269

HIGH8.8

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Adjacent

Published Feb 22, 2021

CVE-2022-25655

qualcomm / apq8009_firmware+237

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Published Mar 10, 2023

CVE-2021-1947

qualcomm / apq8009w_firmware+86

Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 17, 2021

CVE-2023-21628

qualcomm / apq8017_firmware+282

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Published Jun 6, 2023

CVE-2020-11267

qualcomm / apq8009_firmware+270

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jun 9, 2021

CVE-2021-1927

qualcomm / apq8009_firmware+457

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published May 7, 2021

CVE-2021-30303

qualcomm / apq8009_firmware+238

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2020-11235

qualcomm / apq8009_firmware+537

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Jun 9, 2021

CVE-2023-28564

qualcomm / aqt1000_firmware+248

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

Published Sep 5, 2023

CVE-2023-28560

qualcomm / apq8076_firmware+266

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Published Sep 5, 2023

CVE-2023-28565

qualcomm / 9205_lte_firmware+294

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Published Sep 5, 2023

CVE-2021-1915

qualcomm / apq8096au_firmware+404

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published May 7, 2021

CVE-2021-1943

qualcomm / apq8053_firmware+176

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Published Jul 13, 2021

CVE-2021-1954

qualcomm / apq8053_firmware+149

Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Published Jul 13, 2021

CVE-2020-11280

qualcomm / aqt1000_firmware+412

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Published Feb 22, 2021

CVE-2021-1948

qualcomm / apq8053_firmware+217

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking