CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

CVE-2022-40502

Transient DOS due to improper input validation in WLAN Host.

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2022-33220

Information disclosure in Automotive multimedia due to buffer over-read.

CVE-2022-33273

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout

CVE-2022-33272

Transient DOS in modem due to reachable assertion.

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

CVE-2022-25746

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

CVE-2022-33307

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in log.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2022-33260

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

CVE-2022-33263

Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

CVE-2023-21663

Memory Corruption while accessing metadata in Display.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

CVE-2022-40533

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.