qca9880_firmware

Published Sep 8, 2021

Page 1 of 5

CVE-2021-30351

qualcomm / apq8009_firmware+195

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Jan 3, 2022

CVE-2022-33279

qualcomm / ar9380_firmware+73

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.

Published Feb 12, 2023

CVE-2021-1976

qualcomm / apq8009_firmware+246

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 17, 2021

CVE-2023-33083

qualcomm / ar8035_firmware+114

Memory corruption in WLAN Host while processing RRM beacon on the AP.

Published Dec 5, 2023

CVE-2023-33082

qualcomm / ar8035_firmware+114

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

Published Dec 5, 2023

CVE-2021-1965

qualcomm / aqt1000_firmware+125

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Published Jul 13, 2021

CVE-2014-9998

qualcomm / mdm9206_firmware+28

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large.

Published Apr 18, 2018

CVE-2024-21473

qualcomm / ar8035_firmware+126

Memory corruption while redirecting log file to any file location with any file name.

Published Apr 1, 2024

CVE-2015-9220

qualcomm / mdm9206_firmware+25

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, and SDX20, integer overflow occurs when the size of the firmware section is incorrectly encoded in the firmware image.

qualcomm / apq8009_firmware+268

Published Apr 18, 2018

CVE-2020-11301

CRITICAL9.1

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+316

Published Sep 8, 2021

CVE-2021-1924

CRITICAL9.0

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Nov 12, 2021

CVE-2020-11257

Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking

CVE-2020-11258

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

CVE-2020-11259

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

CVE-2020-11256

Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking

CVE-2020-11269

qualcomm / apq8009_firmware+537

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Adjacent

Published Feb 22, 2021

CVE-2021-30335

HIGH8.4

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009w_firmware+173

qualcomm / apq8009_firmware+209

Published Jan 3, 2022

CVE-2021-30337

HIGH8.4

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+237

Published Jan 3, 2022

CVE-2022-25655

HIGH8.4

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.