Vulnerabilities > Qualcomm > Qca6698Aq Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-23385 | Reachable Assertion vulnerability in Qualcomm products Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 6.5 |
| 2024-11-04 | CVE-2024-33029 | Use After Free vulnerability in Qualcomm products Memory corruption while handling the PDR in driver for getting the remote heap maps. | 6.7 |
| 2024-11-04 | CVE-2024-33030 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. | 6.7 |
| 2024-11-04 | CVE-2024-33068 | Use After Free vulnerability in Qualcomm products Transient DOS while parsing fragments of MBSSID IE from beacon frame. | 6.5 |
| 2024-11-04 | CVE-2024-38403 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing BTM ML IE when per STA profile is not included. | 6.5 |
| 2024-11-04 | CVE-2024-38405 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while processing the CU information from RNR IE. | 6.5 |
| 2024-10-07 | CVE-2024-23370 | Use After Free vulnerability in Qualcomm products Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. | 6.7 |
| 2024-10-07 | CVE-2024-23374 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. | 6.7 |
| 2024-10-07 | CVE-2024-23378 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record. | 6.7 |
| 2024-10-07 | CVE-2024-23379 | Double Free vulnerability in Qualcomm products Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario. | 6.7 |