23 known vulnerabilities · sorted by CVSS score
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Memory corruption while using alignments for memory allocation.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Memory corruption while handling IOCTL calls to set mode.
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while processing MFC channel configuration during music playback.
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Memory corruption while routing GPR packets between user and root when handling large data packet.
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Memory corruption while processing a config call from userspace.
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
Memory corruption while accessing a synchronization object during concurrent operations.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Transient DOS when an LTE RLC packet with invalid TB is received by UE.