37 known vulnerabilities · sorted by CVSS score
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption due to double free in core while initializing the encryption key.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption in Audio during playback with speaker protection.
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
Memory corruption while processing voice packet with arbitrary data received from ADSP.
Memory corruption while processing API calls to NPU with invalid input.
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.