CVE-2024-45569

Memory corruption while parsing the ML IE due to invalid frame content.

CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

CVE-2025-21467

Memory corruption while reading the FW response from the shared queue.

CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

CVE-2024-53027

Transient DOS may occur while processing the country IE.

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

CVE-2024-38416

Information disclosure during audio playback.

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-53024

Memory corruption in display driver while detaching a device.

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-49835

Memory corruption while reading secure file.

CVE-2024-45555

Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.

CVE-2025-21460

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.

CVE-2024-49845

Memory corruption during the FRS UDS generation process.

CVE-2024-45564

Memory corruption during concurrent access to server info object due to incorrect reference count update.

CVE-2024-45562

Memory corruption during concurrent access to server info object due to unprotected critical field.

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

CVE-2025-21462

Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.

CVE-2024-33041

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

CVE-2024-45581

Memory corruption while sound model registration for voice activation with audio kernel driver.

CVE-2024-45570

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

CVE-2024-33055

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

CVE-2024-43060

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2024-53011

Information disclosure may occur due to improper permission and access controls to Video Analytics engine.

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests.

CVE-2024-53028

Memory corruption may occur while processing message from frontend during allocation.

CVE-2024-38417

Information disclosure while processing IO control commands.

CVE-2024-38418

Memory corruption while parsing the memory map info in IOCTL calls.

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

CVE-2024-43061

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

CVE-2024-53030

Memory corruption while processing input message passed from FE driver.

CVE-2024-38414

Information disclosure while processing information on firmware image during core initialization.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2024-43057

Memory corruption while processing command in Glink linux.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21454

Transient DOS while processing received beacon frame.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.