| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in HLOS while checking for the storage type. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption when multiple listeners are being registered with the same file descriptor. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Transient DOS while parsing per STA profile in ML IE. |
| Memory corruption while invoking IOCTL calls to unmap the DMA buffers. |
| Memory corruption during management frame processing due to mismatch in T2LM info element. |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
| Memory corruption while operating the mailbox in Automotive. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory Corruption in camera while installing a fd for a particular DMA buffer. |
| Information disclosure in WLAN HAL while handling the WMI state info command. |
