26 known vulnerabilities · sorted by CVSS score
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
Memory Corruption in HLOS while registering for key provisioning notify.
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
Memory corruption while processing IOCTL handler in FastRPC.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
Memory corruption in WLAN HAL while parsing WMI command parameters.
Memory corruption in WLAN HAL while handling command through WMI interfaces.
Memory corruption while processing key blob passed by the user.
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
Transient DOS in WLAN Firmware while parsing rsn ies.
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
Transient DOS in WLAN Firmware while parsing a NAN management frame.
Transient DOS in WLAN Firmware while parsing no-inherit IES.
Transient DOS in WLAN Firmware while processing frames with missing header fields.