Qualcomm: >> Qcs8250 Firmware Security Vulnerabilities
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-09-02
Memory corruption when two threads try to map and unmap a single node simultaneously.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-09-02
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-09-02
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-09-02
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-09-02
Memory corruption when Alternative Frequency offset value is set to 255.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-02
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-02
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-09-02
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05