| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Memory corruption during management frame processing due to mismatch in T2LM info element. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory Corruption in Core due to secure memory access by user while loading modem image. |
| Transient DOS while parsing per STA profile in ML IE. |
| Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. |
| Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. |
| Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. |
| Weak configuration in Automotive while VM is processing a listener request from TEE. |
| Memory Corruption in HLOS while registering for key provisioning notify. |
| Memory corruption in Automotive Display while destroying the image handle created using connected display driver. |
| Information disclosure while parsing the OCI IE with invalid length. |
| Memory corruption while power-up or power-down sequence of the camera sensor. |
| Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. |
| Memory corruption can occur in the camera when an invalid CID is used. |
| Memory corruption while configuring a Hypervisor based input virtual device. |
| transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. |
