264 matches found
CVE-2024-33055
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.
CVE-2024-38426
While processing the authentication message in UE, improper authentication may lead to information disclosure.
CVE-2024-49841
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2023-43542
Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-23369
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-38413
Memory corruption while processing frame packets.
CVE-2024-53023
Memory corruption may occur while accessing a variable during extended back to back tests.
CVE-2023-43531
Memory corruption while verifying the serialized header when the key pairs are generated.
CVE-2025-27029
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
CVE-2023-43538
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
CVE-2024-38412
Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.
CVE-2024-53025
Transient DOS can occur while processing UCI command.
CVE-2023-43530
Memory corruption in HLOS while checking for the storage type.
CVE-2024-21460
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2024-38404
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
CVE-2024-38420
Memory corruption while configuring a Hypervisor based input virtual device.
CVE-2024-43051
Information disclosure while deriving keys for a session for any Widevine use case.
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
CVE-2024-23377
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
CVE-2024-33033
Memory corruption while processing IOCTL calls to unmap the buffers.
CVE-2024-38419
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
CVE-2023-43529
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2024-43056
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
CVE-2024-45583
Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.
CVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2024-38424
Memory corruption during GNSS HAL process initialization.
CVE-2024-33068
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVE-2024-38403
Transient DOS while parsing BTM ML IE when per STA profile is not included.
CVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
CVE-2023-43555
Information disclosure in Video while parsing mp2 clip with invalid section length.
CVE-2024-45557
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
CVE-2024-33022
Memory corruption while allocating memory in HGSL driver.
CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
CVE-2024-21481
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.
CVE-2024-23352
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
CVE-2024-23356
Memory corruption during session sign renewal request calls in HLOS.
CVE-2024-23355
Memory corruption when keymaster operation imports a shared key.
CVE-2024-33021
Memory corruption while processing IOCTL call to set metainfo.
CVE-2025-27057
Transient DOS while handling beacon frames with invalid IE header length.
CVE-2025-27061
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-27042
Memory corruption while processing video packets received from video firmware.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2025-27043
Memory corruption while processing manipulated payload in video firmware.