CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

CVE-2022-33307

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2021-30336

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables