Qualcomm ≫ Sxr2230p Firmware

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call

Information disclosure in modem due to improper check of IP type while processing DNS server query

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Transient DOS due to improper input validation in WLAN Host.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.