Qualcomm ≫ Qcn7606 Firmware

Transient DOS in WLAN Firmware while parsing a BTM request.

Memory corruption in HLOS while running playready use-case.

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

Memory corruption when processing cmd parameters while parsing vdev.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Transient DOS in Bluetooth Host while rfc slot allocation.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while loading an ELF segment in TEE Kernel.

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.