CVE-2023-43518

Memory corruption in video while parsing invalid mp2 clip.

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-33085

Memory corruption in wearables while processing data from AON.

CVE-2024-33027

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

CVE-2024-33034

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

CVE-2023-33099

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

CVE-2024-23382

Memory corruption while processing graphics kernel driver request to create DMA fence.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

CVE-2024-33023

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

CVE-2023-33040

Transient DOS in Data Modem during DTLS handshake.

CVE-2023-43548

Memory corruption while parsing qcp clip with invalid chunk data size.

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

CVE-2024-33015

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

CVE-2023-33086

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CVE-2024-49835

Memory corruption while reading secure file.

CVE-2023-21637

Memory corruption in Linux while calling system configuration APIs.

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

CVE-2023-33095

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.

CVE-2023-43541

Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2024-33014

Transient DOS while parsing ESP IE from beacon/probe response frame.

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

CVE-2023-28583

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

CVE-2023-33077

Memory corruption in HLOS while converting from authorization token to HIDL vector.

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2023-33096

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

CVE-2024-21470

Memory corruption while allocating memory for graphics.

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

CVE-2023-33104

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.