Qualcomm ≫ Sxr2230p Firmware

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

Memory corruption in modem due to improper length check while copying into memory

Information disclosure in modem due to buffer over read in dns client due to missing length check

Denial of service in modem due to null pointer dereference while processing DNS packets

Denial of service in modem due to missing null check while processing IP packets with padding

Denial of service in modem due to missing null check while processing TCP or UDP packets from server