| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. |
| Memory corruption in Audio while processing IIR config data from AFE calibration block. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption in Kernel while parsing metadata. |
| Memory corruption while processing IOCTL call for getting group info. |
| Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. |
| Memory corruption while playing audio file having large-sized input buffer. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| Memory corruption while triggering commands in the PlayReady Trusted application. |
| Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. |
| Transient DOS while parsing probe response and assoc response frame. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Memory corruption while processing data packets in diag received from Unix clients. |
