Vulnerabilities > Qualcomm > Wcn6850 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2021-35111 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile
network
qualcomm CWE-367
7.1
2022-06-14 CVE-2021-35112 Incorrect Authorization vulnerability in Qualcomm products
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-863
7.2
2022-06-14 CVE-2021-35123 Unspecified vulnerability in Qualcomm products
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT
low complexity
qualcomm
8.3
2022-06-14 CVE-2021-35126 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
7.2
2022-06-14 CVE-2021-35129 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.2
2022-06-14 CVE-2021-35130 Use After Free vulnerability in Qualcomm products
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.2
2022-06-14 CVE-2022-22057 Race Condition vulnerability in Qualcomm products
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-362
7.8
2022-06-14 CVE-2022-22064 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.8
2022-06-14 CVE-2022-22065 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.8
2022-06-14 CVE-2022-22068 Use After Free vulnerability in Qualcomm products
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.2