CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

CVE-2023-33072

Memory corruption in Core while processing control functions.

CVE-2023-28556

Cryptographic issue in HLOS during key management.

CVE-2022-40521

Transient DOS due to improper authorization in Modem

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

CVE-2022-33304

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

CVE-2024-21461

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

CVE-2024-21462

Transient DOS while loading the TA ELF file.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.