CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

CVE-2023-33068

Memory corruption in Audio while processing IIR config data from AFE calibration block.

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVE-2023-33067

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

CVE-2023-33069

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2024-38423

Memory corruption while processing GPU page table switch.

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.