WLAN Firmware
by Qualcomm
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33045 | Cri | 0.64 | 9.8 | 0.00 | Nov 7, 2023 | Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | ||
| CVE-2023-33028 | Cri | 0.64 | 9.8 | 0.01 | Oct 3, 2023 | Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. | ||
| CVE-2023-28581 | Cri | 0.64 | 9.8 | 0.00 | Sep 5, 2023 | Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. | ||
| CVE-2022-40514 | Cri | 0.64 | 9.8 | 0.00 | Feb 12, 2023 | Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. | ||
| CVE-2022-33235 | Hig | 0.53 | 8.2 | 0.00 | Dec 13, 2022 | Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | ||
| CVE-2023-43533 | Hig | 0.49 | 7.5 | 0.00 | Feb 6, 2024 | Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | ||
| CVE-2023-43511 | Hig | 0.49 | 7.5 | 0.00 | Jan 2, 2024 | Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | ||
| CVE-2023-33112 | Hig | 0.49 | 7.5 | 0.00 | Jan 2, 2024 | Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. | ||
| CVE-2023-33062 | Hig | 0.49 | 7.5 | 0.00 | Jan 2, 2024 | Transient DOS in WLAN Firmware while parsing a BTM request. | ||
| CVE-2023-33097 | Hig | 0.49 | 7.5 | 0.00 | Dec 5, 2023 | Transient DOS in WLAN Firmware while processing a FTMR frame. | ||
| CVE-2023-33041 | Hig | 0.49 | 7.5 | 0.00 | Dec 5, 2023 | Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. | ||
| CVE-2023-33061 | Hig | 0.49 | 7.5 | 0.00 | Nov 7, 2023 | Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. | ||
| CVE-2023-33056 | Hig | 0.49 | 7.5 | 0.00 | Nov 7, 2023 | Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. | ||
| CVE-2023-33048 | Hig | 0.49 | 7.5 | 0.00 | Nov 7, 2023 | Transient DOS in WLAN Firmware while parsing t2lm buffers. | ||
| CVE-2023-33047 | Hig | 0.49 | 7.5 | 0.00 | Nov 7, 2023 | Transient DOS in WLAN Firmware while parsing no-inherit IES. | ||
| CVE-2023-33027 | Hig | 0.49 | 7.5 | 0.00 | Oct 3, 2023 | Transient DOS in WLAN Firmware while parsing rsn ies. | ||
| CVE-2023-33026 | Hig | 0.49 | 7.5 | 0.00 | Oct 3, 2023 | Transient DOS in WLAN Firmware while parsing a NAN management frame. | ||
| CVE-2023-33016 | Hig | 0.49 | 7.5 | 0.00 | Sep 5, 2023 | Transient DOS in WLAN firmware while parsing MLO (multi-link operation). | ||
| CVE-2023-33015 | Hig | 0.49 | 7.5 | 0.00 | Sep 5, 2023 | Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. | ||
| CVE-2023-21660 | Hig | 0.49 | 7.5 | 0.00 | Jun 6, 2023 | Transient DOS in WLAN Firmware while parsing FT Information Elements. |
- risk 0.64cvss 9.8epss 0.00
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
- risk 0.64cvss 9.8epss 0.01
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
- risk 0.64cvss 9.8epss 0.00
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
- risk 0.64cvss 9.8epss 0.00
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
- risk 0.49cvss 7.5epss 0.00
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
- risk 0.49cvss 7.5epss 0.00
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing a BTM request.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while processing a FTMR frame.
- risk 0.49cvss 7.5epss 0.00
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing t2lm buffers.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing no-inherit IES.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing rsn ies.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing a NAN management frame.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
- risk 0.49cvss 7.5epss 0.00
Transient DOS in WLAN Firmware while parsing FT Information Elements.
Page 1 of 2