Qualcomm ≫ Fastconnect 6800 Firmware

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

Transient DOS in Audio when invoking callback function of ASM driver.

Information disclosure in Audio while accessing AVCS services from ADSP payload.

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

Memory corruption while running VK synchronization with KASAN enabled.

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.