Qualcomm ≫ Sm8550p Firmware

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

Transient DOS while parsing per STA profile in ML IE.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Transient DOS may occur while parsing SSID in action frames.

Transient DOS may occur while parsing EHT operation IE or EHT capability IE.

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.

Memory corruption while processing multiple IOCTL calls from HLOS to DSP.

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.

Information disclosure while creating MQ channels.