59 known vulnerabilities · sorted by CVSS score
Memory corruption in Modem while processing security related configuration before AS Security Exchange.
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
Memory corruption due to double free in core while initializing the encryption key.
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.
Improper Access to the VM resource manager can lead to Memory Corruption.
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
Memory corruption in DSP Service during a remote call from HLOS to DSP.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Memory corruption in Graphics while importing a file.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.