Qualcomm ≫ Ssg2125p Firmware

Memory corruption due to double free in core while initializing the encryption key.

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call

Information disclosure in modem due to improper check of IP type while processing DNS server query

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.