12 matches found
CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory.
CVE-2024-38399
Memory corruption while processing user packets to generate page faults.
CVE-2024-33049
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-33069
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.
CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame.
CVE-2024-23374
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-23376
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
CVE-2024-33065
Memory corruption while taking snapshot when an offset variable is set by camera driver.
CVE-2024-38425
Information disclosure while sending implicit broadcast containing APP launch information.
CVE-2024-23379
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.