46 known vulnerabilities · sorted by CVSS score
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Memory corruption when two threads try to map and unmap a single node simultaneously.
Memory corruption when there is failed unmap operation in GPU.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption in Audio while processing RT proxy port register driver.
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption may occur while accessing a variable during extended back to back tests.
Memory corruption during concurrent buffer access due to modification of the reference count.
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
Memory corruption while power-up or power-down sequence of the camera sensor.
Memory corruption during concurrent SSR execution due to race condition on the global maps list.
Memory corruption while parsing the memory map info in IOCTL calls.
Memory corruption may occour while generating test pattern due to negative indexing of display ID.
Memory corruption when user provides data for FM HCI command control operations.
Memory corruption while triggering commands in the PlayReady Trusted application.
Memory corruption while handling IOCTL call from user-space to set latency level.
Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.
Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.
Memory corruption when blob structure is modified by user-space after kernel verification.