Qualcomm Qca6174_firmware
89 CVEs affecting Qualcomm Qca6174_firmware. Latest disclosed: 2025-04-07. Critical: 16, High: 69.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-25748 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2022-25720 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C… |
CVE-2021-1975 | Critical | 9.8 | 2021-11-12 | Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, S… |
CVE-2021-1976 | Critical | 9.8 | 2021-09-17 | A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2021-1972 | Critical | 9.8 | 2021-09-08 | Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag… |
CVE-2021-1920 | Critical | 9.8 | 2021-09-08 | Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu… |
CVE-2021-1916 | Critical | 9.8 | 2021-09-08 | Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CVE-2020-11170 | Critical | 9.8 | 2021-02-22 | Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon… |
CVE-2023-43551 | Critical | 9.1 | 2024-06-03 | Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode C… |
CVE-2022-25718 | Critical | 9.1 | 2022-10-19 | Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consum… |
CVE-2020-11301 | Critical | 9.1 | 2021-09-08 | Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Comput… |
CVE-2020-11264 | Critical | 9.1 | 2021-09-08 | Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdra… |
CVE-2020-11159 | Critical | 9.1 | 2021-06-09 | Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapd… |
CVE-2020-11166 | Critical | 9.1 | 2021-03-17 | Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon… |
CVE-2020-11276 | Critical | 9.1 | 2021-02-22 | Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute… |
CVE-2021-1924 | Critical | 9.0 | 2021-11-12 | Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti… |
CVE-2020-11269 | High | 8.8 | 2021-02-22 | Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdr… |
CVE-2020-11177 | High | 8.8 | 2021-02-22 | User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdra… |
CVE-2020-11303 | High | 8.6 | 2021-10-20 | Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdrago… |
CVE-2024-21468 | High | 8.4 | 2024-04-01 | Memory corruption when there is failed unmap operation in GPU. |