45 known vulnerabilities · sorted by CVSS score
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in HLOS while running playready use-case.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Memory corruption in Core while processing control functions.
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Memory corruption in Audio while processing RT proxy port register driver.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption in Audio during playback with speaker protection.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.
Memory corruption in TZ Secure OS while loading an app ELF.
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Memory corruption while loading an ELF segment in TEE Kernel.
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.