Sd695 Firmware Security Vulnerabilities

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

CVE-2023-21636

Memory Corruption due to improper validation of array index in Linux while updating adn record.

CVE-2023-21644

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.

CVE-2023-21646

Transient DOS in Modem while processing invalid System Information Block 1.

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.