Vulnerabilities > Qualcomm > Wcn3660B Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-03 | CVE-2024-45561 | Use After Free vulnerability in Qualcomm products Memory corruption while handling IOCTL call from user-space to set latency level. | 7.8 |
| 2025-02-03 | CVE-2024-45573 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption may occour while generating test pattern due to negative indexing of display ID. | 7.8 |
| 2025-02-03 | CVE-2024-49832 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in Camera due to unusually high number of nodes passed to AXI port. | 7.8 |
| 2025-02-03 | CVE-2024-49834 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while power-up or power-down sequence of the camera sensor. | 7.8 |
| 2025-01-06 | CVE-2024-33061 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process. | 5.5 |
| 2025-01-06 | CVE-2024-33067 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | 5.5 |
| 2025-01-06 | CVE-2024-43064 | Allocation of Resources Without Limits or Throttling vulnerability in Qualcomm products Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. | 4.7 |
| 2024-12-02 | CVE-2024-33036 | Use of Out-of-range Pointer Offset vulnerability in Qualcomm products Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | 6.7 |
| 2024-12-02 | CVE-2024-33037 | Buffer Over-read vulnerability in Qualcomm products Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | 6.1 |
| 2024-12-02 | CVE-2024-33040 | Unspecified vulnerability in Qualcomm products Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. | 7.0 |