CVE-2023-33106

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

CVE-2023-21665

Memory corruption in Graphics while importing a file.

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

CVE-2023-33053

Memory corruption in Kernel while parsing metadata.

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

CVE-2023-33094

Memory corruption while running VK synchronization with KASAN enabled.

CVE-2023-43546

Memory corruption while invoking HGSL IOCTL context create.

CVE-2023-33114

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

CVE-2023-43547

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

CVE-2023-33113

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

CVE-2024-33023

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

CVE-2024-21461

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

CVE-2024-33022

Memory corruption while allocating memory in HGSL driver.

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.