114 known vulnerabilities · sorted by CVSS score
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Core Services while executing the command for removing a single event listener.
Memory corruption due to double free in core while initializing the encryption key.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
Memory corruption in Audio during playback with speaker protection.
Memory corruption when two threads try to map and unmap a single node simultaneously.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption in Graphics while importing a file.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption when there is failed unmap operation in GPU.
Memory corruption in Audio while processing RT proxy port register driver.
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.