74 known vulnerabilities · sorted by CVSS score
Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Core while processing control functions.
Memory corruption while running VK synchronization with KASAN enabled.
Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
Memory corruption in Audio during playback with speaker protection.
Memory corruption while allocating memory in HGSL driver.
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption while processing IOCTL call to set metainfo.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.