CVE-2024-38416

Information disclosure during audio playback.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

CVE-2024-38417

Information disclosure while processing IO control commands.

CVE-2024-23370

Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.

CVE-2024-23378

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

CVE-2024-33029

Memory corruption while handling the PDR in driver for getting the remote heap maps.

CVE-2024-33030

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-23350

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.