Summary
Detail | |||
---|---|---|---|
Vendor | Qualcomm | First view | 2021-01-21 |
Product | qcn9072 Firmware | Last view | 2024-02-06 |
Version | - | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:qualcomm:qcn9072_firmware |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2024-02-06 | CVE-2023-43523 | Transient DOS while processing 11AZ RTT management action frame received through OTA. |
7.5 | 2024-02-06 | CVE-2023-43522 | Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. |
7.5 | 2024-01-02 | CVE-2023-43511 | Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
7.5 | 2024-01-02 | CVE-2023-33116 | Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. |
7.5 | 2024-01-02 | CVE-2023-33109 | Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. |
7.5 | 2024-01-02 | CVE-2023-33062 | Transient DOS in WLAN Firmware while parsing a BTM request. |
7.8 | 2024-01-02 | CVE-2023-33032 | Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. |
7.8 | 2024-01-02 | CVE-2023-33030 | Memory corruption in HLOS while running playready use-case. |
7.5 | 2023-12-05 | CVE-2023-33098 | Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
7.5 | 2023-12-05 | CVE-2023-33097 | Transient DOS in WLAN Firmware while processing a FTMR frame. |
7.5 | 2023-12-05 | CVE-2023-33089 | Transient DOS when processing a NULL buffer while parsing WLAN vdev. |
7.8 | 2023-12-05 | CVE-2023-33088 | Memory corruption when processing cmd parameters while parsing vdev. |
9.8 | 2023-12-05 | CVE-2023-33083 | Memory corruption in WLAN Host while processing RRM beacon on the AP. |
9.8 | 2023-12-05 | CVE-2023-33082 | Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. |
7.5 | 2023-12-05 | CVE-2023-33081 | Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. |
7.5 | 2023-12-05 | CVE-2023-33080 | Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
7.8 | 2023-12-05 | CVE-2023-33063 | Memory corruption in DSP Services during a remote call from HLOS to DSP. |
7.8 | 2023-12-05 | CVE-2023-33053 | Memory corruption in Kernel while parsing metadata. |
7.5 | 2023-12-05 | CVE-2023-33041 | Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. |
6.5 | 2023-12-05 | CVE-2023-28586 | Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
8.8 | 2023-12-05 | CVE-2023-28585 | Memory corruption while loading an ELF segment in TEE Kernel. |
7.8 | 2023-12-05 | CVE-2023-28550 | Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
7.5 | 2023-11-07 | CVE-2023-33061 | Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. |
7.5 | 2023-11-07 | CVE-2023-33056 | Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. |
7.5 | 2023-11-07 | CVE-2023-33048 | Transient DOS in WLAN Firmware while parsing t2lm buffers. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
32% (53) | CWE-125 | Out-of-bounds Read |
15% (25) | CWE-787 | Out-of-bounds Write |
9% (15) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
7% (12) | CWE-617 | Reachable Assertion |
6% (10) | CWE-416 | Use After Free |
4% (8) | CWE-476 | NULL Pointer Dereference |
4% (8) | CWE-190 | Integer Overflow or Wraparound |
4% (8) | CWE-20 | Improper Input Validation |
4% (7) | CWE-129 | Improper Validation of Array Index |
3% (6) | CWE-287 | Improper Authentication |
2% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
1% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
0% (1) | CWE-704 | Incorrect Type Conversion or Cast |
0% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
0% (1) | CWE-415 | Double Free |
0% (1) | CWE-362 | Race Condition |
0% (1) | CWE-203 | Information Exposure Through Discrepancy |
0% (1) | CWE-200 | Information Exposure |