87 known vulnerabilities · sorted by CVSS score
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Core while processing control functions.
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
Memory corruption while running VK synchronization with KASAN enabled.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
Memory corruption in Audio during playback with speaker protection.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
Memory corruption in TZ Secure OS while loading an app ELF.
Memory corruption while loading an ELF segment in TEE Kernel.
Memory corruption while processing API calls to NPU with invalid input.
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.