CVE-2022-33230

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

CVE-2022-33267

Memory corruption in Linux while sending DRM request.

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

CVE-2023-33024

Memory corruption while sending SMS from AP firmware.

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

CVE-2023-21632

Memory corruption in Automotive GPU while querying a gsl memory node.

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA buffer.

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music playback.

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

CVE-2023-33071

Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2022-22079

Denial of service while processing fastboot flash command on mmc due to buffer over read

CVE-2023-21638

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.

CVE-2023-21644

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

CVE-2022-40519

Information disclosure due to buffer overread in Core

CVE-2023-21633

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

CVE-2023-21635

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2022-33218

Memory corruption in Automotive due to improper input validation.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

CVE-2022-33299

Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.

CVE-2022-33300

Memory corruption in Automotive Android OS due to improper input validation.

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow