160 known vulnerabilities · sorted by CVSS score
Memory corruption while processing MBSSID beacon containing several subelement IE.
Memory corruption in Hypervisor when platform information mentioned is not aligned.
Memory corruption in Core Services while executing the command for removing a single event listener.
Memory corruption in Core while processing control functions.
Improper Access to the VM resource manager can lead to Memory Corruption.
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption in DSP Service during a remote call from HLOS to DSP.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.
Memory corruption when two threads try to map and unmap a single node simultaneously.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued.