62 matches found
CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2025-21467
Memory corruption while reading the FW response from the shared queue.
CVE-2023-33111
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.
CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously.
CVE-2023-33101
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
CVE-2024-38416
Information disclosure during audio playback.
CVE-2024-49838
Information disclosure while parsing the OCI IE with invalid length.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-43521
Memory corruption when multiple listeners are being registered with the same file descriptor.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2024-33052
Memory corruption when user provides data for FM HCI command control operations.
CVE-2023-33066
Memory corruption in Audio while processing RT proxy port register driver.
CVE-2023-33090
Transient DOS while processing channel information for speaker protection v2 module in ADSP.
CVE-2024-33048
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
CVE-2023-28578
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-43549
Memory corruption while processing TPC target power table in FTM TPC.
CVE-2023-33099
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
CVE-2024-49835
Memory corruption while reading secure file.
CVE-2023-43548
Memory corruption while parsing qcp clip with invalid chunk data size.
CVE-2024-21471
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
CVE-2023-33086
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.
CVE-2023-43551
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
CVE-2023-33095
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.
CVE-2023-43539
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
CVE-2023-33096
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.
CVE-2023-33104
Transient DOS while processing PDU Release command with a parameter PDU ID out of range.
CVE-2024-49845
Memory corruption during the FRS UDS generation process.
CVE-2023-43524
Memory corruption when the bandpass filter order received from AHAL is not within the expected range.
CVE-2024-45564
Memory corruption during concurrent access to server info object due to incorrect reference count update.
CVE-2024-45562
Memory corruption during concurrent access to server info object due to unprotected critical field.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2023-33119
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
CVE-2024-21476
Memory corruption when the channel ID passed by user is not validated and further used.
CVE-2024-45570
Memory corruption may occur during IO configuration processing when the IO port count is invalid.
CVE-2024-49842
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2023-43527
Information disclosure while parsing dts header atom in Video.
CVE-2024-45566
Memory corruption during concurrent buffer access due to modification of the reference count.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2023-43528
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2023-43542
Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.
CVE-2024-33067
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
CVE-2023-43531
Memory corruption while verifying the serialized header when the key pairs are generated.
CVE-2023-43538
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
CVE-2024-38418
Memory corruption while parsing the memory map info in IOCTL calls.
CVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.
CVE-2023-43530
Memory corruption in HLOS while checking for the storage type.