137 matches found
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-33013
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-38401
Memory corruption while processing concurrent IOCTL calls.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-38404
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
CVE-2024-33031
Memory corruption while processing the update SIM PB records request.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-38419
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVE-2024-33020
Transient DOS while processing TID-to-link mapping IE elements.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33019
Transient DOS while parsing the received TID-to-link mapping action frame.
CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-33018
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
CVE-2024-33025
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2024-33011
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-33030
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2024-33068
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-38403
Transient DOS while parsing BTM ML IE when per STA profile is not included.
CVE-2024-33022
Memory corruption while allocating memory in HGSL driver.
CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
CVE-2024-23352
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
CVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.
CVE-2024-21481
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
CVE-2024-23355
Memory corruption when keymaster operation imports a shared key.
CVE-2024-23356
Memory corruption during session sign renewal request calls in HLOS.
CVE-2024-21479
Transient DOS during music playback of ALAC content.
CVE-2024-33021
Memory corruption while processing IOCTL call to set metainfo.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.