| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Memory corruption while processing data packets in diag received from Unix clients. |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
| Memory corruption when BTFM client sends new messages over Slimbus to ADSP. |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Memory corruption while processing manipulated payload in video firmware. |
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. |
| Memory corruption while processing video packets received from video firmware. |
| Memory corruption while processing command in Glink linux. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption during concurrent access to server info object due to unprotected critical field. |
