382 matches found
CVE-2023-33106
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVE-2025-21479
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory.
CVE-2025-21480
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVE-2024-45569
Memory corruption while parsing the ML IE due to invalid frame content.
CVE-2023-28581
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
CVE-2023-28582
Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.
CVE-2025-21424
Memory corruption while calling the NPU driver APIs concurrently.
CVE-2023-33025
Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.
CVE-2024-43048
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
CVE-2024-21472
Memory corruption in Kernel while handling GPU operations.
CVE-2023-28553
Information Disclosure in WLAN Host when processing WMI event command.
CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVE-2023-43534
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2024-43052
Memory corruption while processing API calls to NPU with invalid input.
CVE-2023-33120
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info.
CVE-2025-21467
Memory corruption while reading the FW response from the shared queue.
CVE-2023-28588
Transient DOS in Bluetooth Host while rfc slot allocation.
CVE-2024-21464
Memory corruption while processing IPA statistics, when there are no active clients registered.
CVE-2024-33063
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
CVE-2023-21631
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
CVE-2023-33111
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.
CVE-2023-33021
Memory corruption in Graphics while processing user packets for command submission.
CVE-2023-22387
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
CVE-2023-21671
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
CVE-2023-24851
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-33058
Information disclosure in Modem while processing SIB5.
CVE-2023-43520
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
CVE-2023-43550
Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
CVE-2023-43553
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
CVE-2023-24855
Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE-2023-28568
Information disclosure in WLAN HAL when reception status handler is called.
CVE-2023-33117
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
CVE-2023-43552
Memory corruption while processing MBSSID beacon containing several subelement IE.
CVE-2023-24849
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-28569
Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2023-33094
Memory corruption while running VK synchronization with KASAN enabled.
CVE-2024-23373
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
CVE-2023-43516
Memory corruption when malformed message payload is received from firmware.
CVE-2024-45558
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2023-33114
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
CVE-2023-43546
Memory corruption while invoking HGSL IOCTL context create.
CVE-2023-28572
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.
CVE-2023-33064
Transient DOS in Audio when invoking callback function of ASM driver.
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.