66 matches found
CVE-2025-27038
Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
CVE-2025-21480
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVE-2024-45569
Memory corruption while parsing the ML IE due to invalid frame content.
CVE-2025-21424
Memory corruption while calling the NPU driver APIs concurrently.
CVE-2025-21468
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVE-2024-45558
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
CVE-2024-49843
Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.
CVE-2025-21459
Transient DOS while parsing per STA profile in ML IE.
CVE-2024-45580
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.
CVE-2024-53027
Transient DOS may occur while processing the country IE.
CVE-2024-45571
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2024-49834
Memory corruption while power-up or power-down sequence of the camera sensor.
CVE-2024-49833
Memory corruption can occur in the camera when an invalid CID is used.
CVE-2024-45582
Memory corruption while validating number of devices in Camera kernel .
CVE-2024-49838
Information disclosure while parsing the OCI IE with invalid length.
CVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.
CVE-2025-21453
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-43048
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
CVE-2024-53024
Memory corruption in display driver while detaching a device.
CVE-2024-49836
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.
CVE-2024-53014
Memory corruption may occur while validating ports and channels in Audio driver.
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
CVE-2025-21485
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.
CVE-2024-33045
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-38421
Memory corruption while processing GPU commands.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2025-21436
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
CVE-2025-21486
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
CVE-2024-49835
Memory corruption while reading secure file.
CVE-2024-49845
Memory corruption during the FRS UDS generation process.
CVE-2024-49844
Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2024-49842
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2024-53011
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
CVE-2024-38426
While processing the authentication message in UE, improper authentication may lead to information disclosure.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2025-27029
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
CVE-2024-43051
Information disclosure while deriving keys for a session for any Widevine use case.
CVE-2024-23377
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
CVE-2024-33033
Memory corruption while processing IOCTL calls to unmap the buffers.
CVE-2024-38419
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
CVE-2024-43056
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
CVE-2025-27057
Transient DOS while handling beacon frames with invalid IE header length.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.
CVE-2025-27061
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-27043
Memory corruption while processing manipulated payload in video firmware.