67 matches found
CVE-2024-45569
Memory corruption while parsing the ML IE due to invalid frame content.
CVE-2025-21424
Memory corruption while calling the NPU driver APIs concurrently.
CVE-2025-21467
Memory corruption while reading the FW response from the shared queue.
CVE-2024-45558
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.
CVE-2024-53027
Transient DOS may occur while processing the country IE.
CVE-2024-45571
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2024-49838
Information disclosure while parsing the OCI IE with invalid length.
CVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2024-53024
Memory corruption in display driver while detaching a device.
CVE-2024-53014
Memory corruption may occur while validating ports and channels in Audio driver.
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
CVE-2024-38416
Information disclosure during audio playback.
CVE-2024-49835
Memory corruption while reading secure file.
CVE-2025-21460
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
CVE-2024-45555
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.
CVE-2024-49845
Memory corruption during the FRS UDS generation process.
CVE-2024-45562
Memory corruption during concurrent access to server info object due to unprotected critical field.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2024-33041
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,
CVE-2024-45564
Memory corruption during concurrent access to server info object due to incorrect reference count update.
CVE-2025-21462
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
CVE-2024-45581
Memory corruption while sound model registration for voice activation with audio kernel driver.
CVE-2024-49842
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2024-53011
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
CVE-2024-33055
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.
CVE-2024-45570
Memory corruption may occur during IO configuration processing when the IO port count is invalid.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2024-33067
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
CVE-2024-53023
Memory corruption may occur while accessing a variable during extended back to back tests.
CVE-2024-43060
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
CVE-2024-53013
Memory corruption may occur while processing voice call registration with user.
CVE-2024-53028
Memory corruption may occur while processing message from frontend during allocation.
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
CVE-2024-38417
Information disclosure while processing IO control commands.
CVE-2024-38418
Memory corruption while parsing the memory map info in IOCTL calls.
CVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.
CVE-2024-43051
Information disclosure while deriving keys for a session for any Widevine use case.
CVE-2024-53030
Memory corruption while processing input message passed from FE driver.
CVE-2025-21443
Memory corruption while processing message content in eAVB.
CVE-2024-43057
Memory corruption while processing command in Glink linux.
CVE-2024-43061
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
CVE-2025-21437
Memory corruption while processing memory map or unmap IOCTL operations simultaneously.
CVE-2024-38414
Information disclosure while processing information on firmware image during core initialization.
CVE-2024-43056
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2025-21431
Information disclosure may be there when a guest VM is connected.
CVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
CVE-2025-21425
Memory corruption may occur due top improper access control in HAB process.