CVE-2025-21479

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

CVE-2025-21480

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

CVE-2024-45569

Memory corruption while parsing the ML IE due to invalid frame content.

CVE-2025-21467

Memory corruption while reading the FW response from the shared queue.

CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

CVE-2024-45580

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

CVE-2024-53027

Transient DOS may occur while processing the country IE.

CVE-2024-49833

Memory corruption can occur in the camera when an invalid CID is used.

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-53024

Memory corruption in display driver while detaching a device.

CVE-2024-49836

Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

CVE-2025-21485

Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.

CVE-2025-21486

Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

CVE-2024-38416

Information disclosure during audio playback.

CVE-2024-53016

Memory corruption while processing I2C settings in Camera driver.

CVE-2024-53018

Memory corruption may occur while processing the OIS packet parser.

CVE-2024-45578

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.

CVE-2024-45576

Memory corruption while prociesing command buffer buffer in OPE module.

CVE-2024-43059

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CVE-2024-53011

Information disclosure may occur due to improper permission and access controls to Video Analytics engine.

CVE-2024-33055

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

CVE-2024-45554

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

CVE-2024-45570

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests.

CVE-2024-43060

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVE-2024-43062

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

CVE-2024-45575

Memory corruption Camera kernel when large number of devices are attached through userspace.

CVE-2024-38418

Memory corruption while parsing the memory map info in IOCTL calls.

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

CVE-2024-43061

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

CVE-2024-45563

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session.

CVE-2024-45567

Memory corruption while encoding JPEG format.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver.

CVE-2024-43055

Memory corruption while processing camera use case IOCTL call.

CVE-2024-45556

Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

CVE-2024-45557

Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.