Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2018-04-11 |
| Product | qca6574au Firmware | Last view | 2025-05-06 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:qualcomm:qca6574au_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2025-05-06 | CVE-2025-21468 | Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| 7.8 | 2025-05-06 | CVE-2025-21467 | Memory corruption while reading the FW response from the shared queue. |
| 7.8 | 2025-05-06 | CVE-2025-21460 | Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously. |
| 7.5 | 2025-05-06 | CVE-2025-21459 | Transient DOS while parsing per STA profile in ML IE. |
| 7.8 | 2025-05-06 | CVE-2025-21453 | Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| 7.5 | 2025-05-06 | CVE-2024-49847 | Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. |
| 9.1 | 2025-05-06 | CVE-2024-49846 | Memory corruption while decoding of OTA messages from T3448 IE. |
| 7.8 | 2025-05-06 | CVE-2024-49845 | Memory corruption during the FRS UDS generation process. |
| 7.8 | 2025-05-06 | CVE-2024-49844 | Memory corruption while triggering commands in the PlayReady Trusted application. |
| 7.8 | 2025-05-06 | CVE-2024-49842 | Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| 7.8 | 2025-05-06 | CVE-2024-49841 | Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| 7.8 | 2025-05-06 | CVE-2024-49835 | Memory corruption while reading secure file. |
| 7.8 | 2025-05-06 | CVE-2024-49830 | Memory corruption while processing an IOCTL call to set mixer controls. |
| 7.8 | 2025-05-06 | CVE-2024-45581 | Memory corruption while sound model registration for voice activation with audio kernel driver. |
| 7.8 | 2025-05-06 | CVE-2024-45570 | Memory corruption may occur during IO configuration processing when the IO port count is invalid. |
| 7.8 | 2025-05-06 | CVE-2024-45564 | Memory corruption during concurrent access to server info object due to incorrect reference count update. |
| 7.8 | 2025-05-06 | CVE-2024-45562 | Memory corruption during concurrent access to server info object due to unprotected critical field. |
| 7.8 | 2025-03-03 | CVE-2025-21424 | Memory corruption while calling the NPU driver APIs concurrently. |
| 7 | 2025-03-03 | CVE-2024-53032 | Memory corruption may occur in keyboard virtual device due to guest VM interaction. |
| 7.8 | 2025-03-03 | CVE-2024-53031 | Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. |
| 7.8 | 2025-03-03 | CVE-2024-53030 | Memory corruption while processing input message passed from FE driver. |
| 7.5 | 2025-03-03 | CVE-2024-53027 | Transient DOS may occur while processing the country IE. |
| 7.8 | 2025-03-03 | CVE-2024-53024 | Memory corruption in display driver while detaching a device. |
| 7.8 | 2025-03-03 | CVE-2024-53023 | Memory corruption may occur while accessing a variable during extended back to back tests. |
| 7.8 | 2025-03-03 | CVE-2024-53014 | Memory corruption may occur while validating ports and channels in Audio driver. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 19% (175) | CWE-125 | Out-of-bounds Read |
| 16% (150) | CWE-787 | Out-of-bounds Write |
| 10% (99) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 10% (94) | CWE-416 | Use After Free |
| 6% (61) | CWE-190 | Integer Overflow or Wraparound |
| 5% (46) | CWE-129 | Improper Validation of Array Index |
| 4% (41) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 4% (39) | CWE-20 | Improper Input Validation |
| 4% (37) | CWE-617 | Reachable Assertion |
| 4% (37) | CWE-476 | NULL Pointer Dereference |
| 2% (19) | CWE-415 | Double Free |
| 1% (16) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 1% (15) | CWE-287 | Improper Authentication |
| 0% (9) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (7) | CWE-200 | Information Exposure |
| 0% (6) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (5) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 0% (5) | CWE-362 | Race Condition |
| 0% (5) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 0% (5) | CWE-126 | Buffer Over-read |
| 0% (4) | CWE-338 | Use of Cryptographically Weak PRNG |
| 0% (3) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (2) | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 0% (2) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 0% (2) | CWE-667 | Insufficient Locking |
