Qca4010 Security Vulnerabilities

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI...

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI...

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI...

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI...

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS...

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1...

CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS...

CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed...

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6...

CVE-2022-33222

Information disclosure due to buffer over-read while parsing DNS response packets in...

CVE-2022-25731

Information disclosure in modem due to buffer over-read while processing packets from DNS...

CVE-2022-25730

Information disclosure in modem due to improper check of IP type while processing DNS server...

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command...

CVE-2022-25738

Information disclosure in modem due to buffer over-red while performing checksum of packet...

CVE-2022-25733

Denial of service in modem due to null pointer dereference while processing DNS...

CVE-2022-25734

Denial of service in modem due to missing null check while processing IP packets with...

CVE-2022-33229

Information disclosure due to buffer over-read in Modem while using static array to process IPv4...

CVE-2022-25742

Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &...

CVE-2022-25674

Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &...

CVE-2022-25727

Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &...

CVE-2022-25719

Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &....

CVE-2022-25718

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2021-30288

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon.....

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

CVE-2020-11212

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

CVE-2020-11213

Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

CVE-2019-14135

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...