Qualcomm ≫ Qcm4325 Firmware

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

Memory corruption in modem due to buffer overflow while processing a PPP packet