28 known vulnerabilities · sorted by CVSS score
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
Memory corruption while processing key blob passed by the user.
Memory corruption while using the UIM diag command to get the operators name.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
Memory corruption while processing event close when client process terminates abruptly.
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
Memory corruption while processing multiple simultaneous escape calls.
Transient DOS in Modem while allocating DSM items.
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
Transient DOS in WLAN Firmware while processing frames with missing header fields.