137 matches found
CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name.
CVE-2023-28576
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to ou...
CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
CVE-2022-33266
Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-21647
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28539
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2022-40518
Information disclosure due to buffer overread in Core
CVE-2022-40520
Memory corruption due to stack-based buffer overflow in Core
CVE-2023-28579
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.
CVE-2023-28587
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
CVE-2022-33267
Memory corruption in Linux while sending DRM request.
CVE-2023-22383
Memory Corruption in camera while installing a fd for a particular DMA buffer.
CVE-2023-28580
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
CVE-2023-33088
Memory corruption when processing cmd parameters while parsing vdev.
CVE-2023-22667
Memory Corruption in Audio while allocating the ion buffer during the music playback.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2022-25715
Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields
CVE-2022-25717
Memory corruption in display due to double free while allocating frame buffer memory
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2023-21633
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
CVE-2023-21654
Memory corruption in Audio during playback session with audio effects enabled.
CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space.
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2022-25721
Memory corruption in video driver due to type confusion error during video playback
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow