CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

CVE-2022-40539

Memory corruption in Automotive Android OS due to improper validation of array index.

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

CVE-2023-21663

Memory Corruption while accessing metadata in Display.

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec decoding.

CVE-2023-28568

Information disclosure in WLAN HAL when reception status handler is called.

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

CVE-2023-21655

Memory corruption in Audio while validating and mapping metadata.

CVE-2023-28570

Memory corruption while processing audio effects.

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA buffer.

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

CVE-2022-40534

Memory corruption due to improper validation of array index in Audio.

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

CVE-2023-28556

Cryptographic issue in HLOS during key management.

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

CVE-2023-21650

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

CVE-2022-40521

Transient DOS due to improper authorization in Modem

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

CVE-2022-33227

Memory corruption in Linux android due to double free while calling unregister provider after register call.

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

CVE-2022-40535

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.