Wcd9341 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-14	CVE-2021-30347	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network qualcomm CWE-367 critical	9.3
2022-06-14	CVE-2021-35071	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-125	2.1
2022-06-14	CVE-2021-35072	Improper Validation of Array Index vulnerability in Qualcomm products Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-129	7.2
2022-06-14	CVE-2021-35073	Reachable Assertion vulnerability in Qualcomm products Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.8
2022-06-14	CVE-2021-35076	NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-476	7.8
2022-06-14	CVE-2021-35078	Memory Leak vulnerability in Qualcomm products Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables network low complexity qualcomm CWE-401	7.8
2022-06-14	CVE-2021-35079	Improper Preservation of Permissions vulnerability in Qualcomm products Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-281	2.1
2022-06-14	CVE-2021-35081	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music network low complexity qualcomm CWE-120 critical	10.0
2022-06-14	CVE-2021-35083	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-125 critical	9.4
2022-06-14	CVE-2021-35084	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local low complexity qualcomm CWE-125	3.6