30 matches found
CVE-2023-28553
Information Disclosure in WLAN Host when processing WMI event command.
CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-28568
Information disclosure in WLAN HAL when reception status handler is called.
CVE-2023-28569
Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2023-28566
Information disclosure in WLAN HAL while handling the WMI state info command.
CVE-2023-21629
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
CVE-2024-23386
memory corruption when WiFi display APIs are invoked with large random inputs.
CVE-2024-38416
Information disclosure during audio playback.
CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2024-33036
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2024-23374
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
CVE-2023-43527
Information disclosure while parsing dts header atom in Video.
CVE-2023-43528
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2024-33067
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
CVE-2024-38417
Information disclosure while processing IO control commands.
CVE-2024-23376
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
CVE-2024-23377
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
CVE-2024-38414
Information disclosure while processing information on firmware image during core initialization.
CVE-2024-38425
Information disclosure while sending implicit broadcast containing APP launch information.
CVE-2024-23379
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.
CVE-2024-33037
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVE-2024-33030
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.
CVE-2024-33053
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
CVE-2024-43056
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2024-33032
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
CVE-2025-21433
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.