50 matches found
CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVE-2024-43048
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-33120
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVE-2023-28588
Transient DOS in Bluetooth Host while rfc slot allocation.
CVE-2024-33063
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
CVE-2024-43052
Memory corruption while processing API calls to NPU with invalid input.
CVE-2023-33110
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.
CVE-2023-24849
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-33064
Transient DOS in Audio when invoking callback function of ASM driver.
CVE-2023-28570
Memory corruption while processing audio effects.
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2023-33065
Information disclosure in Audio while accessing AVCS services from ADSP payload.
CVE-2024-23386
memory corruption when WiFi display APIs are invoked with large random inputs.
CVE-2023-24848
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2023-33068
Memory corruption in Audio while processing IIR config data from AFE calibration block.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
CVE-2024-33043
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2023-33033
Memory corruption in Audio during playback with speaker protection.
CVE-2023-33069
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name.
CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
CVE-2023-33030
Memory corruption in HLOS while running playready use-case.
CVE-2024-38423
Memory corruption while processing GPU page table switch.
CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
CVE-2024-33044
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
CVE-2024-43049
Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.
CVE-2024-43053
Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-38410
Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
CVE-2024-33027
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
CVE-2024-38406
Memory corruption while handling IOCTL calls in JPEG Encoder driver.
CVE-2024-43050
Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.
CVE-2024-33031
Memory corruption while processing the update SIM PB records request.
CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
CVE-2024-38407
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2024-33068
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-38403
Transient DOS while parsing BTM ML IE when per STA profile is not included.
CVE-2024-38409
Memory corruption while station LL statistic handling.
CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.