Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.

Memory corruption when IOCTL call is invoked from user-space to read board data.

Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.

Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Memory corruption while validating number of devices in Camera kernel .

Memory corruption may occour while generating test pattern due to negative indexing of display ID.

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Memory corruption during array access in Camera kernel due to invalid index from invalid command data.

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

Memory corruption while encoding JPEG format.

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Memory corruption while processing camera use case IOCTL call.

Memory corruption while processing IOCTL calls.

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Memory corruption while maintaining memory maps of HLOS memory.

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

Memory corruption while processing API calls to NPU with invalid input.

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Memory corruption while processing command in Glink linux.

Memory corruption while handling session errors from firmware.

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150

Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking