CVE-2022-40502

Transient DOS due to improper input validation in WLAN Host.

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

CVE-2022-40521

Transient DOS due to improper authorization in Modem

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

CVE-2023-33043

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

CVE-2022-25715

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

CVE-2022-33227

Memory corruption in Linux android due to double free while calling unregister provider after register call.

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

CVE-2022-40535

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE-2022-33273

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

CVE-2023-28574

Memory corruption in core services when Diag handler receives a command to configure event listeners.

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

CVE-2023-21661

Transient DOS while parsing WLAN beacon or probe-response frame.

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

CVE-2022-33272

Transient DOS in modem due to reachable assertion.

CVE-2022-40508

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.

CVE-2022-40536

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

CVE-2022-25746

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.