Qualcomm: >> Wcn3660b Firmware Security Vulnerabilities
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-08
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-08-08
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-08
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-08
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-08-08
Memory corruption in RIL while trying to send apdu packet.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-08
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-08
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-08
Memory Corruption in Audio while playing amrwbplus clips with modified content.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-08-08
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-08