| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. |
| Memory corruption during dynamic process creation call when client is only passing address and length of shell binary. |
| Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources. |
| Memory corruption may occur while processing voice call registration with user. |
| Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. |
| Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. |
| Memory corruption while processing commands from A2dp sink command queue. |
| Memory corruption in HLOS while converting from authorization token to HIDL vector. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. |
| Transient DOS in Bluetooth Host while rfc slot allocation. |
| Memory corruption during concurrent access to server info object due to unprotected critical field. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory Corruption in Audio while allocating the ion buffer during the music playback. |
