CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2021-30314

Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CVE-2024-23377

Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2024-21479

Transient DOS during music playback of ALAC content.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2025-21454

Transient DOS while processing received beacon frame.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-21449

Transient DOS may occur while processing malformed length field in SSID IEs.