16 known vulnerabilities · sorted by CVSS score
Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while routing GPR packets between user and root when handling large data packet.
Memory corruption while processing MFC channel configuration during music playback.
Memory corruption while handling IOCTL calls to set mode.
Transient DOS while parsing the EPTM test control message to get the test pattern.
Memory corruption while processing a config call from userspace.
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
Memory corruption while processing IOCTL calls to unmap the buffers.
Memory corruption while accessing a synchronization object during concurrent operations.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Information disclosure while processing a firmware event.
Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.
Transient DOS while parsing video packets received from the video firmware.