31 matches found
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2024-43052
Memory corruption while processing API calls to NPU with invalid input.
CVE-2023-33072
Memory corruption in Core while processing control functions.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2023-43533
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-38415
Memory corruption while handling session errors from firmware.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-43536
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
CVE-2023-33066
Memory corruption in Audio while processing RT proxy port register driver.
CVE-2023-28578
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-33033
Memory corruption in Audio during playback with speaker protection.
CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2023-33030
Memory corruption in HLOS while running playready use-case.
CVE-2023-33062
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2024-33036
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVE-2024-33044
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
CVE-2023-43522
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
CVE-2024-38423
Memory corruption while processing GPU page table switch.
CVE-2024-21469
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-21476
Memory corruption when the channel ID passed by user is not validated and further used.
CVE-2024-33051
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-33037
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2024-33053
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
CVE-2024-33032
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.