Memory Corruption in HLOS while registering for key provisioning notify.
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
Memory Corruption in Audio while playing amrwbplus clips with modified content.
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
Memory corruption in Automotive GPU while querying a gsl memory node.
Memory Corruption in Core Platform while printing the response buffer in log.
Memory corruption in Linux while calling system configuration APIs.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
Memory corruption in Audio during playback session with audio effects enabled.
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
Memory corruption in RIL while trying to send apdu packet.
Memory corruption due to untrusted pointer dereference in automotive during system call.
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory Corruption while accessing metadata in Display.
Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, SC8180X, SDX55, SM6150, SM7150, SM8150
Memory corruption while performing encryption and decryption commands.
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
Memory corruption while reading the FW response from the shared queue.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
Memory corruption while executing timestamp video decode command with large input values.
Memory corruption in Core due to stack-based buffer overflow.
Memory corruption in core due to stack-based buffer overflow
Memory corruption due to stack-based buffer overflow in Core
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Memory corruption in Automotive Android OS due to improper input validation.
Memory corruption while configuring a Hypervisor based input virtual device.
u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Memory corruption when programming registers through virtual CDM.
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, SD 210/SD 212/SD 205, SD 439 / SD 429, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24.
Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto
Memory corruption in Audio due to incorrect type cast during audio use-cases.
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.