CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

CVE-2025-21467

Memory corruption while reading the FW response from the shared queue.

CVE-2024-45580

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

CVE-2024-53027

Transient DOS may occur while processing the country IE.

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

CVE-2024-38416

Information disclosure during audio playback.

CVE-2025-21453

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

CVE-2024-53024

Memory corruption in display driver while detaching a device.

CVE-2024-49836

Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

CVE-2024-49832

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

CVE-2024-45577

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

CVE-2024-43064

Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.

CVE-2024-45564

Memory corruption during concurrent access to server info object due to incorrect reference count update.

CVE-2024-45562

Memory corruption during concurrent access to server info object due to unprotected critical field.

CVE-2024-45576

Memory corruption while prociesing command buffer buffer in OPE module.

CVE-2024-45578

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

CVE-2024-43059

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CVE-2024-45581

Memory corruption while sound model registration for voice activation with audio kernel driver.

CVE-2024-45554

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

CVE-2024-45573

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

CVE-2024-45561

Memory corruption while handling IOCTL call from user-space to set latency level.

CVE-2024-45570

Memory corruption may occur during IO configuration processing when the IO port count is invalid.

CVE-2024-49842

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

CVE-2024-38426

While processing the authentication message in UE, improper authentication may lead to information disclosure.

CVE-2024-43060

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVE-2024-43062

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

CVE-2024-45566

Memory corruption during concurrent buffer access due to modification of the reference count.

CVE-2024-49830

Memory corruption while processing an IOCTL call to set mixer controls.

CVE-2024-33061

Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

CVE-2024-45575

Memory corruption Camera kernel when large number of devices are attached through userspace.

CVE-2024-49829

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests.

CVE-2024-38404

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

CVE-2024-38417

Information disclosure while processing IO control commands.

CVE-2024-38418

Memory corruption while parsing the memory map info in IOCTL calls.

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

CVE-2024-43061

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

CVE-2024-45563

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session.

CVE-2024-45567

Memory corruption while encoding JPEG format.

CVE-2024-45579

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.

CVE-2024-43057

Memory corruption while processing command in Glink linux.

CVE-2024-45565

Memory corruption when blob structure is modified by user-space after kernel verification.

CVE-2024-45574

Memory corruption during array access in Camera kernel due to invalid index from invalid command data.

CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver.

CVE-2024-43055

Memory corruption while processing camera use case IOCTL call.

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.