| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. |
| Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. |
| Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. |
| Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption while playing audio file having large-sized input buffer. |
| Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. |
| Memory corruption while parsing the ADSP response command. |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
| Memory Corruption in Audio while invoking callback function in driver from ADSP. |
