21 known vulnerabilities · sorted by CVSS score
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Memory Corruption when adding user-supplied data without checking available buffer space.
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Memory corruption during PlayReady APP usecase while processing TA commands.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while processing a malformed license file during reboot.
Memory corruption while using alignments for memory allocation.
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
Information disclosure while processing a firmware event.
Transient DOS while parsing video packets received from the video firmware.