253 matches found
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2024-23381
Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-38413
Memory corruption while processing frame packets.
CVE-2024-53023
Memory corruption may occur while accessing a variable during extended back to back tests.
CVE-2023-43531
Memory corruption while verifying the serialized header when the key pairs are generated.
CVE-2024-38412
Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.
CVE-2024-53025
Transient DOS can occur while processing UCI command.
CVE-2023-43530
Memory corruption in HLOS while checking for the storage type.
CVE-2023-43538
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
CVE-2024-21460
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-38404
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
CVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2024-43051
Information disclosure while deriving keys for a session for any Widevine use case.
CVE-2024-23377
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
CVE-2024-33033
Memory corruption while processing IOCTL calls to unmap the buffers.
CVE-2024-38419
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
CVE-2023-43529
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2024-43056
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2024-45583
Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.
CVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2024-33068
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-38403
Transient DOS while parsing BTM ML IE when per STA profile is not included.
CVE-2023-43555
Information disclosure in Video while parsing mp2 clip with invalid section length.
CVE-2024-33022
Memory corruption while allocating memory in HGSL driver.
CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
CVE-2024-21481
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
CVE-2024-23352
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
CVE-2024-23355
Memory corruption when keymaster operation imports a shared key.
CVE-2024-23356
Memory corruption during session sign renewal request calls in HLOS.
CVE-2024-33021
Memory corruption while processing IOCTL call to set metainfo.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2025-27061
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.
CVE-2025-27043
Memory corruption while processing manipulated payload in video firmware.
CVE-2025-27057
Transient DOS while handling beacon frames with invalid IE header length.
CVE-2025-21422
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
CVE-2025-21450
Cryptographic issue occurs due to use of insecure connection method while downloading.
CVE-2025-27052
Memory corruption while processing data packets in diag received from Unix clients.
CVE-2024-53009
Memory corruption while operating the mailbox in Automotive.
CVE-2025-21427
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
CVE-2025-21432
Memory corruption while retrieving the CBOR data from TA.