Filtered by vendor Qualcomm
Subscriptions
Filtered by product Qca6698aq
Subscriptions
Total
399 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33062 | 1 Qualcomm | 580 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 577 more | 2025-08-11 | 7.5 High |
| Transient DOS in WLAN Firmware while parsing a BTM request. | ||||
| CVE-2023-33063 | 1 Qualcomm | 598 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 595 more | 2025-08-11 | 7.8 High |
| Memory corruption in DSP Services during a remote call from HLOS to DSP. | ||||
| CVE-2023-33068 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | 6.7 Medium |
| Memory corruption in Audio while processing IIR config data from AFE calibration block. | ||||
| CVE-2024-43056 | 1 Qualcomm | 385 Aqt1000, Aqt1000 Firmware, Ar8035 and 382 more | 2025-08-11 | 5.5 Medium |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. | ||||
| CVE-2023-33101 | 1 Qualcomm | 208 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 205 more | 2025-08-11 | 7.5 High |
| Transient DOS while processing DL NAS TRANSPORT message with payload length 0. | ||||
| CVE-2025-21433 | 1 Qualcomm | 551 215 Mobile, 215 Mobile Firmware, Apq8017 and 548 more | 2025-08-11 | 6.2 Medium |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. | ||||
| CVE-2023-43556 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 133 more | 2025-08-11 | 9.3 Critical |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. | ||||
| CVE-2024-43047 | 1 Qualcomm | 141 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6800 and 138 more | 2025-08-11 | 7.8 High |
| Memory corruption while maintaining memory maps of HLOS memory. | ||||
| CVE-2024-23354 | 1 Qualcomm | 160 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 157 more | 2025-08-11 | 8.4 High |
| Memory corruption when the IOCTL call is interrupted by a signal. | ||||
| CVE-2024-45562 | 1 Qualcomm | 160 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 157 more | 2025-08-11 | 6.6 Medium |
| Memory corruption during concurrent access to server info object due to unprotected critical field. | ||||
| CVE-2023-33095 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-08-11 | 7.5 High |
| Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. | ||||
| CVE-2023-33096 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-08-11 | 7.5 High |
| Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. | ||||
| CVE-2025-38293 | 2 Linux, Qualcomm | 2 Linux Kernel, Qca6698aq | 2025-07-28 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution of a vif removal, and it happens before the spin_lock_bh(&ar->data_lock) in ath11k_mac_op_remove_interface(), list_del() will detect the previously mentioned situation, thereby triggering a kernel panic. The fix is to remove and reinitialize all vif list nodes from the list head "arvifs" during WLAN halt. The reinitialization is to make the list nodes valid, ensuring that the list_del() in ath11k_mac_op_remove_interface() can execute normally. Call trace: __list_del_entry_valid_or_report+0xb8/0xd0 ath11k_mac_op_remove_interface+0xb0/0x27c [ath11k] drv_remove_interface+0x48/0x194 [mac80211] ieee80211_do_stop+0x6e0/0x844 [mac80211] ieee80211_stop+0x44/0x17c [mac80211] __dev_close_many+0xac/0x150 __dev_change_flags+0x194/0x234 dev_change_flags+0x24/0x6c devinet_ioctl+0x3a0/0x670 inet_ioctl+0x200/0x248 sock_do_ioctl+0x60/0x118 sock_ioctl+0x274/0x35c __arm64_sys_ioctl+0xac/0xf0 invoke_syscall+0x48/0x114 ... Tested-on: QCA6698AQ hw2.1 PCI WLAN.HSP.1.1-04591-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1 | ||||
| CVE-2025-21445 | 1 Qualcomm | 55 Qam8255p, Qam8255p Firmware, Qam8295p and 52 more | 2025-07-21 | 7.8 High |
| Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. | ||||
| CVE-2025-21444 | 1 Qualcomm | 54 Qam8255p, Qam8255p Firmware, Qam8295p and 51 more | 2025-07-21 | 7.8 High |
| Memory corruption while copying the result to the transmission queue in EMAC. | ||||
| CVE-2023-43523 | 1 Qualcomm | 284 Ar8035, Ar8035 Firmware, Csr8811 and 281 more | 2025-06-17 | 7.5 High |
| Transient DOS while processing 11AZ RTT management action frame received through OTA. | ||||
| CVE-2023-33076 | 1 Qualcomm | 302 Aqt1000, Aqt1000 Firmware, Ar8035 and 299 more | 2025-06-17 | 5.9 Medium |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | ||||
| CVE-2023-33037 | 1 Qualcomm | 166 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 163 more | 2025-06-17 | 7.1 High |
| Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. | ||||
| CVE-2023-33014 | 1 Qualcomm | 74 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 71 more | 2025-06-03 | 7.6 High |
| Information disclosure in Core services while processing a Diag command. | ||||
| CVE-2023-33030 | 1 Qualcomm | 596 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 593 more | 2025-06-03 | 9.3 Critical |
| Memory corruption in HLOS while running playready use-case. | ||||