Qualcomm ≫ Wsa8815 Firmware

Memory Corruption when copying data from a freed source while executing performance counter deselect operation.

Memory corruption when another driver calls an IOCTL with invalid input/output buffer.

Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

Transient DOS when processing target power rate tables during channel configuration.

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.