| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption when programming registers through virtual CDM. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption while retrieving the CBOR data from TA. |
| Memory corruption while processing data packets in diag received from Unix clients. |
| Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. |
| Cryptographic issue occurs due to use of insecure connection method while downloading. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Information disclosure may occur due to improper permission and access controls to Video Analytics engine. |
| Transient DOS may occur while processing the country IE. |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Information disclosure while deriving keys for a session for any Widevine use case. |
| Memory corruption in display driver while detaching a device. |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Memory corruption may occur while validating ports and channels in Audio driver. |
| Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. |
| Memory corruption while processing manipulated payload in video firmware. |
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
