230 matches found
CVE-2023-33056
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2022-40507
Memory corruption due to double free in Core while mapping HLOS address to the list.
CVE-2023-21658
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
CVE-2023-28578
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame.
CVE-2024-33034
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
CVE-2022-25733
Denial of service in modem due to null pointer dereference while processing DNS packets
CVE-2022-25734
Denial of service in modem due to missing null check while processing IP packets with padding
CVE-2023-21661
Transient DOS while parsing WLAN beacon or probe-response frame.
CVE-2023-28538
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
CVE-2023-33014
Information disclosure in Core services while processing a Diag command.
CVE-2023-43519
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
CVE-2024-23382
Memory corruption while processing graphics kernel driver request to create DMA fence.
CVE-2022-25738
Information disclosure in modem due to buffer over-red while performing checksum of packet received
CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image.
CVE-2023-24853
Memory Corruption in HLOS while registering for key provisioning notify.
CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2023-43549
Memory corruption while processing TPC target power table in FTM TPC.
CVE-2024-33023
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction.
CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields.
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
CVE-2023-43548
Memory corruption while parsing qcp clip with invalid chunk data size.
CVE-2024-23363
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVE-2022-25732
Information disclosure in modem due to buffer over read in dns client due to missing length check
CVE-2022-33307
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
CVE-2023-21662
Memory corruption in Core Platform while printing the response buffer in log.
CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
CVE-2023-28545
Memory corruption in TZ Secure OS while loading an app ELF.
CVE-2023-43523
Transient DOS while processing 11AZ RTT management action frame received through OTA.
CVE-2024-33020
Transient DOS while processing TID-to-link mapping IE elements.
CVE-2022-25729
Memory corruption in modem due to improper length check while copying into memory
CVE-2023-21664
Memory Corruption in Core Platform while printing the response buffer in log.
CVE-2023-33046
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
CVE-2023-33048
Transient DOS in WLAN Firmware while parsing t2lm buffers.
CVE-2023-33062
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVE-2022-25730
Information disclosure in modem due to improper check of IP type while processing DNS server query
CVE-2022-33304
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.
CVE-2022-40527
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
CVE-2023-21660
Transient DOS in WLAN Firmware while parsing FT Information Elements.