21 known vulnerabilities · sorted by CVSS score
Memory corruption when two threads try to map and unmap a single node simultaneously.
Memory Corruption in Audio while allocating the ion buffer during the music playback.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Memory corruption in WLAN HAL while handling command through WMI interfaces.
Memory corruption while calling the NPU driver APIs concurrently.
Memory Corruption in WLAN HOST while fetching TX status information.
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
Memory corruption in WLAN HAL while parsing WMI command parameters.
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Memory corruption may occur while validating ports and channels in Audio driver.
Transient DOS may occur while processing malformed length field in SSID IEs.
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
Information disclosure while deriving keys for a session for any Widevine use case.