Qualcomm Ipq5018_firmware
107 CVEs affecting Qualcomm Ipq5018_firmware. Latest disclosed: 2023-09-05. Critical: 17, High: 78.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-40514 | Critical | 9.8 | 2023-02-12 | Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. |
CVE-2022-33279 | Critical | 9.8 | 2023-02-12 | Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. |
CVE-2022-25748 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2021-1976 | Critical | 9.8 | 2021-09-17 | A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2021-1972 | Critical | 9.8 | 2021-09-08 | Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag… |
CVE-2021-1965 | Critical | 9.8 | 2021-07-13 | Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna… |
CVE-2020-11134 | Critical | 9.8 | 2021-06-09 | Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NA… |
CVE-2020-3675 | Critical | 9.8 | 2020-09-08 | u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute… |
CVE-2020-3669 | Critical | 9.8 | 2020-09-08 | u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit… |
CVE-2020-3667 | Critical | 9.8 | 2020-09-08 | u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto, Snapdragon Compute, S… |
CVE-2020-11301 | Critical | 9.1 | 2021-09-08 | Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Comput… |
CVE-2020-11159 | Critical | 9.1 | 2021-06-09 | Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapd… |
CVE-2020-11126 | Critical | 9.1 | 2021-06-09 | Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti… |
CVE-2020-11276 | Critical | 9.1 | 2021-02-22 | Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute… |
CVE-2020-11275 | Critical | 9.1 | 2021-02-22 | Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Comput… |
CVE-2022-25652 | Critical | 9.0 | 2022-09-16 | Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking |
CVE-2021-1924 | Critical | 9.0 | 2021-11-12 | Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti… |
CVE-2022-40531 | High | 8.4 | 2023-03-10 | Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
CVE-2022-40530 | High | 8.4 | 2023-03-10 | Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. |
CVE-2022-25655 | High | 8.4 | 2023-03-10 | Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. |