CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

CVE-2022-22079

Denial of service while processing fastboot flash command on mmc due to buffer over read

CVE-2023-21644

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVE-2022-25715

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

CVE-2023-21633

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

CVE-2023-21635

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

CVE-2022-33299

Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback