CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

CVE-2022-40521

Transient DOS due to improper authorization in Modem

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

CVE-2022-33304

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.