Filtered by vendor Qualcomm
Subscriptions
Filtered by product Qca6698aq
Subscriptions
Total
432 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27041 | 1 Qualcomm | 127 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 124 more | 2025-11-05 | 5.5 Medium |
| Transient DOS while processing video packets received from video firmware. | ||||
| CVE-2025-27053 | 1 Qualcomm | 639 215 Mobile Platform, 215 Mobile Platform Firmware, 315 5g Iot Modem and 636 more | 2025-11-05 | 7.8 High |
| Memory corruption during PlayReady APP usecase while processing TA commands. | ||||
| CVE-2025-27054 | 1 Qualcomm | 599 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 596 more | 2025-11-05 | 7.8 High |
| Memory corruption while processing a malformed license file during reboot. | ||||
| CVE-2025-27064 | 1 Qualcomm | 155 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 152 more | 2025-11-05 | 6.1 Medium |
| Information disclosure while registering commands from clients with diag through diagHal. | ||||
| CVE-2025-27070 | 1 Qualcomm | 351 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 348 more | 2025-11-05 | 7.8 High |
| Memory corruption while performing encryption and decryption commands. | ||||
| CVE-2025-47353 | 1 Qualcomm | 37 Qam8255p, Qam8255p Firmware, Qam8650p and 34 more | 2025-11-05 | 7.8 High |
| Memory corruption while processing request sent from GVM. | ||||
| CVE-2025-47357 | 1 Qualcomm | 49 Qam8255p, Qam8255p Firmware, Qam8620p and 46 more | 2025-11-05 | 8 High |
| Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions. | ||||
| CVE-2025-47360 | 2 Qnx, Qualcomm | 72 Qnx, Qam8255p, Qam8255p Firmware and 69 more | 2025-11-05 | 7.8 High |
| Memory corruption while processing client message during device management. | ||||
| CVE-2025-47361 | 2 Qnx, Qualcomm | 58 Qnx, Qam8255p, Qam8255p Firmware and 55 more | 2025-11-05 | 7.8 High |
| Memory corruption when triggering a subsystem crash with an out-of-range identifier. | ||||
| CVE-2025-47362 | 2 Qnx, Qualcomm | 78 Qnx, Msm8996au, Msm8996au Firmware and 75 more | 2025-11-05 | 6.1 Medium |
| Information disclosure while processing message from client with invalid payload. | ||||
| CVE-2025-47365 | 1 Qualcomm | 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more | 2025-11-05 | 7.8 High |
| Memory corruption while processing large input data from a remote source via a communication interface. | ||||
| CVE-2025-47370 | 1 Qualcomm | 273 Ar8035, Ar8035 Firmware, Csrb31024 and 270 more | 2025-11-05 | 6.5 Medium |
| Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan. | ||||
| CVE-2025-38293 | 2 Linux, Qualcomm | 2 Linux Kernel, Qca6698aq | 2025-11-03 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution of a vif removal, and it happens before the spin_lock_bh(&ar->data_lock) in ath11k_mac_op_remove_interface(), list_del() will detect the previously mentioned situation, thereby triggering a kernel panic. The fix is to remove and reinitialize all vif list nodes from the list head "arvifs" during WLAN halt. The reinitialization is to make the list nodes valid, ensuring that the list_del() in ath11k_mac_op_remove_interface() can execute normally. Call trace: __list_del_entry_valid_or_report+0xb8/0xd0 ath11k_mac_op_remove_interface+0xb0/0x27c [ath11k] drv_remove_interface+0x48/0x194 [mac80211] ieee80211_do_stop+0x6e0/0x844 [mac80211] ieee80211_stop+0x44/0x17c [mac80211] __dev_close_many+0xac/0x150 __dev_change_flags+0x194/0x234 dev_change_flags+0x24/0x6c devinet_ioctl+0x3a0/0x670 inet_ioctl+0x200/0x248 sock_do_ioctl+0x60/0x118 sock_ioctl+0x274/0x35c __arm64_sys_ioctl+0xac/0xf0 invoke_syscall+0x48/0x114 ... Tested-on: QCA6698AQ hw2.1 PCI WLAN.HSP.1.1-04591-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1 | ||||
| CVE-2023-33106 | 1 Qualcomm | 309 Ar8035, Ar8035 Firmware, Csra6620 and 306 more | 2025-10-28 | 8.4 High |
| Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | ||||
| CVE-2023-33107 | 1 Qualcomm | 487 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 484 more | 2025-10-28 | 8.4 High |
| Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | ||||
| CVE-2024-43047 | 1 Qualcomm | 141 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6800 and 138 more | 2025-10-28 | 7.8 High |
| Memory corruption while maintaining memory maps of HLOS memory. | ||||
| CVE-2023-33063 | 1 Qualcomm | 598 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 595 more | 2025-10-27 | 7.8 High |
| Memory corruption in DSP Services during a remote call from HLOS to DSP. | ||||
| CVE-2025-47347 | 2 Qnx, Qualcomm | 76 Qnx, Qam8255p, Qam8255p Firmware and 73 more | 2025-10-21 | 7.8 High |
| Memory corruption while processing control commands in the virtual memory management interface. | ||||
| CVE-2024-45544 | 1 Qualcomm | 88 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 85 more | 2025-10-06 | 6.6 Medium |
| Memory corruption while processing IOCTL calls to add route entry in the HW. | ||||
| CVE-2024-45540 | 1 Qualcomm | 136 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 133 more | 2025-10-06 | 6.6 Medium |
| Memory corruption while invoking IOCTL map buffer request from userspace. | ||||