Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2021-01-21 |
| Product | qcn9072 Firmware | Last view | 2024-02-06 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:qualcomm:qcn9072_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2024-02-06 | CVE-2023-43523 | Transient DOS while processing 11AZ RTT management action frame received through OTA. |
| 7.5 | 2024-02-06 | CVE-2023-43522 | Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. |
| 7.5 | 2024-01-02 | CVE-2023-43511 | Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
| 7.5 | 2024-01-02 | CVE-2023-33116 | Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. |
| 7.5 | 2024-01-02 | CVE-2023-33109 | Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. |
| 7.5 | 2024-01-02 | CVE-2023-33062 | Transient DOS in WLAN Firmware while parsing a BTM request. |
| 7.8 | 2024-01-02 | CVE-2023-33032 | Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. |
| 7.8 | 2024-01-02 | CVE-2023-33030 | Memory corruption in HLOS while running playready use-case. |
| 7.5 | 2023-12-05 | CVE-2023-33098 | Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| 7.5 | 2023-12-05 | CVE-2023-33097 | Transient DOS in WLAN Firmware while processing a FTMR frame. |
| 7.5 | 2023-12-05 | CVE-2023-33089 | Transient DOS when processing a NULL buffer while parsing WLAN vdev. |
| 7.8 | 2023-12-05 | CVE-2023-33088 | Memory corruption when processing cmd parameters while parsing vdev. |
| 9.8 | 2023-12-05 | CVE-2023-33083 | Memory corruption in WLAN Host while processing RRM beacon on the AP. |
| 9.8 | 2023-12-05 | CVE-2023-33082 | Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. |
| 7.5 | 2023-12-05 | CVE-2023-33081 | Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. |
| 7.5 | 2023-12-05 | CVE-2023-33080 | Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| 7.8 | 2023-12-05 | CVE-2023-33063 | Memory corruption in DSP Services during a remote call from HLOS to DSP. |
| 7.8 | 2023-12-05 | CVE-2023-33053 | Memory corruption in Kernel while parsing metadata. |
| 7.5 | 2023-12-05 | CVE-2023-33041 | Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. |
| 6.5 | 2023-12-05 | CVE-2023-28586 | Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| 8.8 | 2023-12-05 | CVE-2023-28585 | Memory corruption while loading an ELF segment in TEE Kernel. |
| 7.8 | 2023-12-05 | CVE-2023-28550 | Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| 7.5 | 2023-11-07 | CVE-2023-33061 | Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. |
| 7.5 | 2023-11-07 | CVE-2023-33056 | Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. |
| 7.5 | 2023-11-07 | CVE-2023-33048 | Transient DOS in WLAN Firmware while parsing t2lm buffers. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 32% (53) | CWE-125 | Out-of-bounds Read |
| 15% (25) | CWE-787 | Out-of-bounds Write |
| 9% (15) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 7% (12) | CWE-617 | Reachable Assertion |
| 6% (10) | CWE-416 | Use After Free |
| 4% (8) | CWE-476 | NULL Pointer Dereference |
| 4% (8) | CWE-190 | Integer Overflow or Wraparound |
| 4% (8) | CWE-20 | Improper Input Validation |
| 4% (7) | CWE-129 | Improper Validation of Array Index |
| 3% (6) | CWE-287 | Improper Authentication |
| 2% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 1% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (1) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 0% (1) | CWE-415 | Double Free |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-203 | Information Exposure Through Discrepancy |
| 0% (1) | CWE-200 | Information Exposure |
