Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2021-11-12 |
| Product | wcn7850 Firmware | Last view | 2023-09-05 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:qualcomm:wcn7850_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.5 | 2023-09-05 | CVE-2023-21667 | Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. |
| 7.8 | 2023-09-05 | CVE-2023-21664 | Memory Corruption in Core Platform while printing the response buffer in log. |
| 7.8 | 2023-09-05 | CVE-2023-21663 | Memory Corruption while accessing metadata in Display. |
| 7.8 | 2023-09-05 | CVE-2023-21662 | Memory corruption in Core Platform while printing the response buffer in log. |
| 7.8 | 2023-09-05 | CVE-2023-21655 | Memory corruption in Audio while validating and mapping metadata. |
| 7.5 | 2023-09-05 | CVE-2023-21646 | Transient DOS in Modem while processing invalid System Information Block 1. |
| 5.5 | 2023-09-05 | CVE-2022-33220 | Information disclosure in Automotive multimedia due to buffer over-read. |
| 7.1 | 2023-08-08 | CVE-2023-21652 | Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. |
| 7.8 | 2023-08-08 | CVE-2023-21651 | Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. |
| 6.5 | 2023-08-08 | CVE-2023-21647 | Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. |
| 7.8 | 2023-08-08 | CVE-2023-21627 | Memory corruption in Trusted Execution Environment while calling service API with invalid address. |
| 9.8 | 2023-08-08 | CVE-2022-40510 | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| 7.8 | 2023-03-10 | CVE-2022-40540 | Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel. |
| 9.8 | 2023-03-10 | CVE-2022-40537 | Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. |
| 7.8 | 2023-03-10 | CVE-2022-40531 | Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
| 7.8 | 2023-03-10 | CVE-2022-40530 | Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. |
| 7.5 | 2023-03-10 | CVE-2022-40527 | Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. |
| 9.8 | 2023-03-10 | CVE-2022-40515 | Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. |
| 7.5 | 2023-03-10 | CVE-2022-33309 | Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes. |
| 7.8 | 2023-03-10 | CVE-2022-33278 | Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity. |
| 7.5 | 2023-03-10 | CVE-2022-33272 | Transient DOS in modem due to reachable assertion. |
| 7.8 | 2023-03-10 | CVE-2022-33260 | Memory corruption due to stack based buffer overflow in core while sending command from USB of large size. |
| 7 | 2023-03-10 | CVE-2022-33257 | Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. |
| 9.8 | 2023-03-10 | CVE-2022-33256 | Memory corruption due to improper validation of array index in Multi-mode call processor. |
| 7.5 | 2023-03-10 | CVE-2022-33254 | Transient DOS due to reachable assertion in Modem while processing SIB1 Message. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 26% (42) | CWE-125 | Out-of-bounds Read |
| 12% (20) | CWE-787 | Out-of-bounds Write |
| 11% (18) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 8% (13) | CWE-617 | Reachable Assertion |
| 6% (10) | CWE-416 | Use After Free |
| 4% (8) | CWE-190 | Integer Overflow or Wraparound |
| 4% (7) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 4% (7) | CWE-129 | Improper Validation of Array Index |
| 4% (7) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 3% (6) | CWE-20 | Improper Input Validation |
| 3% (5) | CWE-415 | Double Free |
| 2% (4) | CWE-476 | NULL Pointer Dereference |
| 1% (3) | CWE-704 | Incorrect Type Conversion or Cast |
| 1% (2) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-798 | Use of Hard-coded Credentials |
| 0% (1) | CWE-763 | Release of Invalid Pointer or Reference |
| 0% (1) | CWE-459 | Incomplete Cleanup |
| 0% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-347 | Improper Verification of Cryptographic Signature |
| 0% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
| 0% (1) | CWE-203 | Information Exposure Through Discrepancy |
| 0% (1) | CWE-131 | Incorrect Calculation of Buffer Size |
