CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

CVE-2023-21633

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2022-33297

Information disclosure due to buffer overread in Linux sensors

CVE-2022-40519

Information disclosure due to buffer overread in Core

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2022-33299

Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.

CVE-2022-33300

Memory corruption in Automotive Android OS due to improper input validation.

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow