| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in Audio while processing the calibration data returned from ACDB loader. |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |
| Memory corruption when two threads try to map and unmap a single node simultaneously. |
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. |
| Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. |
| Memory corruption while using the UIM diag command to get the operators name. |
| Transient DOS in Automotive OS due to improper authentication to the secure IO calls. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. |
| Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. |
| Memory corruption when user provides data for FM HCI command control operations. |
| Memory Corruption in Data Modem while making a MO call or MT VOLTE call. |
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. |
| Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. |
