| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| memory corruption when an invalid firehose patch command is invoked. |
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. |
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. |
| Memory corruption while processing video packets received from video firmware. |
| information disclosure while invoking calibration data from user space to update firmware size. |
| Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources. |
| Memory corruption may occur while processing voice call registration with user. |
| Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. |
| Memory corruption while processing commands from A2dp sink command queue. |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. |
| Memory corruption when there is failed unmap operation in GPU. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |