| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption may occur while accessing a variable during extended back to back tests. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption while parsing the ML IE due to invalid frame content. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. |
| Memory corruption while retrieving the CBOR data from TA. |
| Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. |
| Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |
| Transient DOS may occur while processing malformed length field in SSID IEs. |
| Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. |
| Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. |
| Memory corruption while processing video packets received from video firmware. |
| Transient DOS while handling beacon frames with invalid IE header length. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Memory corruption while invoking HGSL IOCTL context create. |
| Transient DOS while processing DL NAS TRANSPORT message with payload length 0. |
| Information disclosure while handling T2LM Action Frame in WLAN Host. |
| Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received. |
