14 known vulnerabilities · sorted by CVSS score
Memory corruption while routing GPR packets between user and root when handling large data packet.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while using alignments for memory allocation.
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
Memory corruption while processing a config call from userspace.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
Information disclosure while sending implicit broadcast containing APP launch information.
Information disclosure while processing a firmware event.
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
Transient DOS while parsing video packets received from the video firmware.
Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.