qfe1922_firmware

qualcomm / apq8009_firmware+276

Published Apr 1, 2024

Page 1 of 2

CVE-2021-1972

CRITICAL9.8

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+268

Published Sep 8, 2021

CVE-2020-11301

CRITICAL9.1

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+316

Published Sep 8, 2021

CVE-2021-1924

CRITICAL9.0

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Nov 12, 2021

CVE-2020-11258

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

CVE-2020-11256

Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking

CVE-2020-11257

Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking

CVE-2020-11269

qualcomm / apq8009_firmware+537

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Adjacent

Published Feb 22, 2021

CVE-2020-11259

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+270

CVE-2020-11267

HIGH8.4

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+237

CVE-2022-25655

HIGH8.4

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

qualcomm / apq8017_firmware+282

Published Mar 10, 2023

CVE-2023-21628

HIGH8.4

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Published Jun 6, 2023

CVE-2023-28564

qualcomm / aqt1000_firmware+248

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

Published Sep 5, 2023

CVE-2020-11235

qualcomm / apq8009_firmware+537

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2023-28560

qualcomm / apq8076_firmware+266

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Published Sep 5, 2023

CVE-2023-28565

qualcomm / 9205_lte_firmware+294

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

qualcomm / aqt1000_firmware+415

Published Sep 5, 2023

CVE-2020-11270

HIGH7.5

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+531

Published Feb 22, 2021

CVE-2020-11296

HIGH7.5

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+326

Published Feb 22, 2021

CVE-2021-1909

HIGH7.3

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published Sep 9, 2021

CVE-2020-11266

MEDIUM6.5

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking