CVE-2024-23352

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

CVE-2024-23350

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2024-21479

Transient DOS during music playback of ALAC content.

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21454

Transient DOS while processing received beacon frame.

CVE-2025-21466

Memory corruption while processing a private escape command in an event trigger.

CVE-2025-27046

Memory corruption while processing multiple simultaneous escape calls.

CVE-2025-27055

Memory corruption during the image encoding process.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-21449

Transient DOS may occur while processing malformed length field in SSID IEs.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-27044

Memory corruption while executing timestamp video decode command with large input values.

CVE-2025-27047

Memory corruption while processing the TESTPATTERNCONFIG escape path.

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.

CVE-2025-27051

Memory corruption while processing command message in WLAN Host.

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

CVE-2025-27058

Memory corruption while processing packet data with exceedingly large packet.