83 known vulnerabilities · sorted by CVSS score
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Memory corruption in HLOS while running playready use-case.
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption in Audio during playback with speaker protection.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.