| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. |
| Memory corruption while processing data packets in diag received from Unix clients. |
| Information disclosure while deriving keys for a session for any Widevine use case. |
| Memory corruption during management frame processing due to mismatch in T2LM info element. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption in SPS Application while requesting for public key in sorter TA. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. |
| Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. |
| Memory corruption when multiple listeners are being registered with the same file descriptor. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. |
| Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. |
| Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. |
| Information disclosure while parsing the OCI IE with invalid length. |
| Memory corruption while power-up or power-down sequence of the camera sensor. |
