CVE-2024-45569

Memory corruption while parsing the ML IE due to invalid frame content.

CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

CVE-2025-21467

Memory corruption while reading the FW response from the shared queue.

CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

CVE-2024-49833

Memory corruption can occur in the camera when an invalid CID is used.

CVE-2024-53027

Transient DOS may occur while processing the country IE.

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

CVE-2024-45582

Memory corruption while validating number of devices in Camera kernel .

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-53024

Memory corruption in display driver while detaching a device.

CVE-2024-49832

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-49835

Memory corruption while reading secure file.

CVE-2025-21475

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

CVE-2024-49845

Memory corruption during the FRS UDS generation process.

CVE-2025-21470

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.

CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

CVE-2025-21469

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.

CVE-2024-33041

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

CVE-2024-38411

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.

CVE-2024-45573

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

CVE-2024-33055

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21466

Memory corruption while processing a private escape command in an event trigger.

CVE-2025-27046

Memory corruption while processing multiple simultaneous escape calls.

CVE-2025-27055

Memory corruption during the image encoding process.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-27047

Memory corruption while processing the TESTPATTERNCONFIG escape path.

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.