31 matches found
CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info.
CVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVE-2024-21475
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition.
CVE-2024-49833
Memory corruption can occur in the camera when an invalid CID is used.
CVE-2024-53027
Transient DOS may occur while processing the country IE.
CVE-2024-38415
Memory corruption while handling session errors from firmware.
CVE-2024-49834
Memory corruption while power-up or power-down sequence of the camera sensor.
CVE-2024-33042
Memory corruption when Alternative Frequency offset value is set to 255.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2024-33052
Memory corruption when user provides data for FM HCI command control operations.
CVE-2024-53024
Memory corruption in display driver while detaching a device.
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
CVE-2024-53014
Memory corruption may occur while validating ports and channels in Audio driver.
CVE-2024-33038
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
CVE-2024-21465
Memory corruption while processing key blob passed by the user.
CVE-2024-21469
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-33012
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-33011
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2024-23356
Memory corruption during session sign renewal request calls in HLOS.
CVE-2024-21479
Transient DOS during music playback of ALAC content.
CVE-2025-21422
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
CVE-2025-27061
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.