17 known vulnerabilities · sorted by CVSS score
Memory corruption in Core Services while executing the command for removing a single event listener.
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Memory corruption in Audio while processing RT proxy port register driver.
Memory corruption when there is failed unmap operation in GPU.
Memory Corruption in Audio while allocating the ion buffer during the music playback.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption in Graphics while processing user packets for command submission.
Memory corruption when two threads try to map and unmap a single node simultaneously.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Memory corruption when user provides data for FM HCI command control operations.
Memory corruption when Alternative Frequency offset value is set to 255.
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.