Qualcomm ≫ Snapdragon X75 5g Modem-rf System Firmware

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.

Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.

Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.

Memory corruption while handling different IOCTL calls from the user-space simultaneously.