61 known vulnerabilities · sorted by CVSS score
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Core while processing control functions.
Memory corruption in Audio during playback with speaker protection.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption while running VK synchronization with KASAN enabled.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption in TZ Secure OS while loading an app ELF.
Memory corruption while loading an ELF segment in TEE Kernel.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
Memory corruption while handling session errors from firmware.