54 matches found
CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2023-33120
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
CVE-2023-28588
Transient DOS in Bluetooth Host while rfc slot allocation.
CVE-2022-40529
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
CVE-2023-28568
Information disclosure in WLAN HAL when reception status handler is called.
CVE-2023-24849
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-28569
Information disclosure in WLAN HAL while handling command through WMI interfaces.
CVE-2024-23373
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
CVE-2023-33072
Memory corruption in Core while processing control functions.
CVE-2023-21673
Improper Access to the VM resource manager can lead to Memory Corruption.
CVE-2023-28566
Information disclosure in WLAN HAL while handling the WMI state info command.
CVE-2023-33036
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
CVE-2023-43533
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2023-33076
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies.
CVE-2023-24847
Transient DOS in Modem while allocating DSM items.
CVE-2023-43536
Transient DOS while parse fils IE with length equal to 1.
CVE-2022-40507
Memory corruption due to double free in Core while mapping HLOS address to the list.
CVE-2023-24848
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
CVE-2022-33264
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction.
CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2022-33307
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image.
CVE-2023-33033
Memory corruption in Audio during playback with speaker protection.
CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2024-33043
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2023-28545
Memory corruption in TZ Secure OS while loading an app ELF.
CVE-2023-33030
Memory corruption in HLOS while running playready use-case.
CVE-2023-33062
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2024-21465
Memory corruption while processing key blob passed by the user.
CVE-2024-33044
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
CVE-2024-38423
Memory corruption while processing GPU page table switch.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2024-21469
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-21462
Transient DOS while loading the TA ELF file.