229 matches found
CVE-2023-33069
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
CVE-2023-24849
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-24855
Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE-2023-33058
Information disclosure in Modem while processing SIB5.
CVE-2024-21458
Information disclosure while handling SA query action frame.
CVE-2023-28570
Memory corruption while processing audio effects.
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-22668
Memory Corruption in Audio while invoking IOCTLs calls from the user-space.
CVE-2024-33028
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVE-2024-38405
Transient DOS while processing the CU information from RNR IE.
CVE-2023-28539
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
CVE-2023-33045
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
CVE-2023-33049
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.
CVE-2023-33072
Memory corruption in Core while processing control functions.
CVE-2023-21673
Improper Access to the VM resource manager can lead to Memory Corruption.
CVE-2023-28556
Cryptographic issue in HLOS during key management.
CVE-2023-43524
Memory corruption when the bandpass filter order received from AHAL is not within the expected range.
CVE-2023-43525
Memory corruption while copying the sound model data from user to kernel buffer during sound model register.
CVE-2024-21456
Information Disclosure while parsing beacon frame in STA.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2023-33100
Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.
CVE-2023-43533
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2024-21457
INformation disclosure while handling Multi-link IE in beacon frame.
CVE-2023-28580
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2023-43536
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-24847
Transient DOS in Modem while allocating DSM items.
CVE-2023-33057
Transient DOS in Multi-Mode Call Processor while processing UE policy container.
CVE-2023-33101
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
CVE-2023-43521
Memory corruption when multiple listeners are being registered with the same file descriptor.
CVE-2024-33013
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-33076
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
CVE-2024-21463
Memory corruption while processing Codec2 during v13k decoder pitch synthesis.
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2023-24848
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
CVE-2024-21473
Memory corruption while redirecting log file to any file location with any file name.
CVE-2024-38416
Information disclosure during audio playback.
CVE-2023-28574
Memory corruption in core services when Diag handler receives a command to configure event listeners.
CVE-2023-33056
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
CVE-2023-33066
Memory corruption in Audio while processing RT proxy port register driver.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2023-28578
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2023-43528
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2023-33099
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.