Filtered by vendor Qualcomm
Subscriptions
Filtered by product Qca6698aq
Subscriptions
Total
377 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21446 | 1 Qualcomm | 481 Ar8035, Ar8035 Firmware, Ar9380 and 478 more | 2025-08-11 | 7.5 High |
| Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. | ||||
| CVE-2023-33054 | 1 Qualcomm | 336 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 333 more | 2025-08-11 | 9.1 Critical |
| Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. | ||||
| CVE-2023-33055 | 1 Qualcomm | 304 Apq5053-aa, Apq5053-aa Firmware, Aqt1000 and 301 more | 2025-08-11 | 7.8 High |
| Memory Corruption in Audio while invoking callback function in driver from ADSP. | ||||
| CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2025-08-11 | 7.8 High |
| Memory corruption in Audio while processing the VOC packet data from ADSP. | ||||
| CVE-2023-33066 | 1 Qualcomm | 626 205 Mobile, 205 Mobile Firmware, 215 Mobile and 623 more | 2025-08-11 | 8.4 High |
| Memory corruption in Audio while processing RT proxy port register driver. | ||||
| CVE-2023-33067 | 1 Qualcomm | 228 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 225 more | 2025-08-11 | 6.7 Medium |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | ||||
| CVE-2023-33069 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | 6.7 Medium |
| Memory corruption in Audio while processing the calibration data returned from ACDB loader. | ||||
| CVE-2023-33089 | 1 Qualcomm | 456 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 453 more | 2025-08-11 | 7.5 High |
| Transient DOS when processing a NULL buffer while parsing WLAN vdev. | ||||
| CVE-2023-24849 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 473 more | 2025-08-11 | 8.2 High |
| Information Disclosure in data Modem while parsing an FMTP line in an SDP message. | ||||
| CVE-2023-33065 | 1 Qualcomm | 208 Aqt1000, Aqt1000 Firmware, Ar8035 and 205 more | 2025-08-11 | 6.1 Medium |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. | ||||
| CVE-2025-38293 | 2 Linux, Qualcomm | 2 Linux Kernel, Qca6698aq | 2025-07-28 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution of a vif removal, and it happens before the spin_lock_bh(&ar->data_lock) in ath11k_mac_op_remove_interface(), list_del() will detect the previously mentioned situation, thereby triggering a kernel panic. The fix is to remove and reinitialize all vif list nodes from the list head "arvifs" during WLAN halt. The reinitialization is to make the list nodes valid, ensuring that the list_del() in ath11k_mac_op_remove_interface() can execute normally. Call trace: __list_del_entry_valid_or_report+0xb8/0xd0 ath11k_mac_op_remove_interface+0xb0/0x27c [ath11k] drv_remove_interface+0x48/0x194 [mac80211] ieee80211_do_stop+0x6e0/0x844 [mac80211] ieee80211_stop+0x44/0x17c [mac80211] __dev_close_many+0xac/0x150 __dev_change_flags+0x194/0x234 dev_change_flags+0x24/0x6c devinet_ioctl+0x3a0/0x670 inet_ioctl+0x200/0x248 sock_do_ioctl+0x60/0x118 sock_ioctl+0x274/0x35c __arm64_sys_ioctl+0xac/0xf0 invoke_syscall+0x48/0x114 ... Tested-on: QCA6698AQ hw2.1 PCI WLAN.HSP.1.1-04591-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1 | ||||
| CVE-2025-21445 | 1 Qualcomm | 55 Qam8255p, Qam8255p Firmware, Qam8295p and 52 more | 2025-07-21 | 7.8 High |
| Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. | ||||
| CVE-2025-21444 | 1 Qualcomm | 54 Qam8255p, Qam8255p Firmware, Qam8295p and 51 more | 2025-07-21 | 7.8 High |
| Memory corruption while copying the result to the transmission queue in EMAC. | ||||
| CVE-2023-43523 | 1 Qualcomm | 284 Ar8035, Ar8035 Firmware, Csr8811 and 281 more | 2025-06-17 | 7.5 High |
| Transient DOS while processing 11AZ RTT management action frame received through OTA. | ||||
| CVE-2023-33076 | 1 Qualcomm | 302 Aqt1000, Aqt1000 Firmware, Ar8035 and 299 more | 2025-06-17 | 5.9 Medium |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | ||||
| CVE-2023-33037 | 1 Qualcomm | 166 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 163 more | 2025-06-17 | 7.1 High |
| Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. | ||||
| CVE-2023-33014 | 1 Qualcomm | 74 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 71 more | 2025-06-03 | 7.6 High |
| Information disclosure in Core services while processing a Diag command. | ||||
| CVE-2023-33030 | 1 Qualcomm | 596 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 593 more | 2025-06-03 | 9.3 Critical |
| Memory corruption in HLOS while running playready use-case. | ||||
| CVE-2023-33040 | 1 Qualcomm | 288 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 285 more | 2025-06-03 | 7.5 High |
| Transient DOS in Data Modem during DTLS handshake. | ||||
| CVE-2023-33033 | 1 Qualcomm | 528 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 525 more | 2025-05-21 | 8.4 High |
| Memory corruption in Audio during playback with speaker protection. | ||||