| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption when the IOCTL call is interrupted by a signal. |
| Transient DOS in Bluetooth Host while rfc slot allocation. |
| Memory corruption in SPS Application while requesting for public key in sorter TA. |
| Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. |
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. |
| Memory corruption while processing concurrent IOCTL calls. |
| Memory corruption when two threads try to map and unmap a single node simultaneously. |
| Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| Memory Corruption in Data Modem while making a MO call or MT VOLTE call. |
| Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. |
| Memory corruption while processing IOCTL call for getting group info. |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory corruption in HLOS while running playready use-case. |
| Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
