Qualcomm ≫ Sa4150p Firmware

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

Memory corruption while reading the FW response from the shared queue.

Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Memory corruption while triggering commands in the PlayReady Trusted application.

Memory corruption while reading secure file.

Memory corruption during concurrent access to server info object due to unprotected critical field.

Transient DOS may occur while parsing SSID in action frames.