36 matches found
CVE-2025-21424
Memory corruption while calling the NPU driver APIs concurrently.
CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info.
CVE-2025-21467
Memory corruption while reading the FW response from the shared queue.
CVE-2023-22387
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
CVE-2023-24851
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
CVE-2023-43550
Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
CVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-28541
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2023-28542
Memory Corruption in WLAN HOST while fetching TX status information.
CVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.
CVE-2023-22386
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2023-24854
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
CVE-2024-49834
Memory corruption while power-up or power-down sequence of the camera sensor.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2024-53024
Memory corruption in display driver while detaching a device.
CVE-2024-33048
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
CVE-2024-53014
Memory corruption may occur while validating ports and channels in Audio driver.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
CVE-2023-33015
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
CVE-2023-28573
Memory corruption in WLAN HAL while parsing WMI command parameters.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2024-33051
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVE-2023-43542
Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2025-21454
Transient DOS while processing received beacon frame.
CVE-2025-27061
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.
CVE-2025-21449
Transient DOS may occur while processing malformed length field in SSID IEs.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.
CVE-2025-27043
Memory corruption while processing manipulated payload in video firmware.
CVE-2025-27052
Memory corruption while processing data packets in diag received from Unix clients.