105 known vulnerabilities · sorted by CVSS score
Memory corruption while processing MBSSID beacon containing several subelement IE.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
Memory corruption while processing TPC target power table in FTM TPC.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption during management frame processing due to mismatch in T2LM info element.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
Information disclosure while parsing the OCI IE with invalid length.
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.
Memory corruption while handling IOCTL call from user-space to set latency level.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.