Qualcomm ≫ Ssg2115p Firmware

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Transient DOS due to improper input validation in WLAN Host.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos state.

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.