10 matches found
CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory.
CVE-2024-21455
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.
CVE-2024-33049
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame.
CVE-2024-23374
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-23370
Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.
CVE-2024-23378
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
CVE-2024-23379
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.