Qualcomm: >> Wcn3950 Firmware Security Vulnerabilities
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-09-02
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-02
Memory corruption when Alternative Frequency offset value is set to 255.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-02
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-02
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-09-02
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Memory corruption while processing IOCTL call to set metainfo.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Memory corruption while allocating memory in HGSL driver.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05