CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

CVE-2023-33117

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

CVE-2023-33113

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2023-33085

Memory corruption in wearables while processing data from AON.

CVE-2023-33040

Transient DOS in Data Modem during DTLS handshake.

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

CVE-2023-33038

Memory corruption while receiving a message in Bus Socket Transport Server.