Qualcomm ≫ Wcn6851 Firmware

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

Memory corruption due to improper validation of array index in Multi-mode call processor.

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

Memory corruption due to improper access control in Qualcomm IPC.

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.