Qualcomm: >> Wcn3991 Firmware Security Vulnerabilities
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS Score
8.4
EPSS Score
0.001
Published
2022-06-14
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVSS Score
9.8
EPSS Score
0.005
Published
2022-06-14
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-14
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS Score
8.4
EPSS Score
0.001
Published
2022-06-14
APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVSS Score
7.7
EPSS Score
0.001
Published
2022-06-14
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS Score
6.7
EPSS Score
0.001
Published
2022-06-14
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-14
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
6.7
EPSS Score
0.001
Published
2022-06-14
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
6.7
EPSS Score
0.001
Published
2022-06-14
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT
CVSS Score
8.8
EPSS Score
0.002
Published
2022-06-14