Qualcomm ≫ 9207 Lte Modem Firmware

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.