CVE-2024-33043

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

CVE-2024-38421

Memory corruption while processing GPU commands.

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

CVE-2023-33058

Information disclosure in Modem while processing SIB5.

CVE-2024-21458

Information disclosure while handling SA query action frame.

CVE-2022-25713

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

CVE-2024-23366

Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CVE-2024-23384

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker.

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.

CVE-2023-33072

Memory corruption in Core while processing control functions.

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

CVE-2022-34146

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

CVE-2023-28556

Cryptographic issue in HLOS during key management.

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

CVE-2024-23383

Memory corruption when kernel driver attempts to trigger hardware fences.

CVE-2024-43063

information disclosure while invoking the mailbox read API.

CVE-2022-33306

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network.

CVE-2023-33100

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

CVE-2023-33037

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.