Memory Corruption while accessing metadata in Display.
Memory corruption in Graphics while importing a file.
Memory corruption due to untrusted pointer dereference in automotive during system call.
Memory corruption when user provides data for FM HCI command control operations.
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
Memory corruption in Automotive GPU while querying a gsl memory node.
Memory corruption in Audio while validating and mapping metadata.
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
Memory Corruption in Core Platform while printing the response buffer in log.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
Memory corruption in RIL while trying to send apdu packet.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Memory corruption when Alternative Frequency offset value is set to 255.
Memory corruption in WLAN HOST while receiving an WMI event from firmware.
Memory corruption in Linux when the file upload API is called with parameters having large buffer.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
Memory corruption in Audio during playback session with audio effects enabled.
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
Initial xbl_sec revision does not have all the debug policy features and critical checks.
Memory corruption due to stack-based buffer overflow in Core
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
Memory corruption in Automotive Android OS due to improper validation of array index.
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.
Memory corruption in core due to stack-based buffer overflow
Memory corruption due to improper validation of array index in Audio.
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.
Memory corruption during session sign renewal request calls in HLOS.
Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.
Memory corruption in Linux Networking due to double free while handling a hyp-assign.
Memory corruption when keymaster operation imports a shared key.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption while allocating memory for graphics.
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
Memory corruption when the channel ID passed by user is not validated and further used.
Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.
Memory corruption when size of buffer from previous call is used without validation or re-initialization.
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication.
Memory corruption due to improper access control in Qualcomm IPC.
Memory corruption when allocating and accessing an entry in an SMEM partition.
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.