Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Memory corruption while handling repeated memory unmap requests from guest VM.
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Memory corruption while loading an invalid firmware in boot loader.
memory corruption while processing an image encoding completion event.
Memory corruption while processing control commands in the virtual memory management interface.
Memory corruption while invoking remote procedure IOCTL calls.
Memory corruption while passing pages to DSP with an unaligned starting address.
Memory corruption while processing client message during device management.
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
Memory corruption while handling IOCTL calls to set mode.
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
Memory corruption while handling invalid inputs in application info setup.
Memory corruption while deinitializing a HDCP session.
Memory corruption when accessing resources in kernel driver.
Memory corruption while processing data sent by FE driver.
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
Memory corruption while processing an escape call.
Memory Corruption when processing IOCTLs for JPEG data without verification.
Memory corruption while processing audio streaming operations.
Memory corruption in Core due to stack-based buffer overflow.
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Memory corruption in core due to stack-based buffer overflow
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
Memory corruption while processing video packets received from video firmware.
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
Memory corruption while processing camera platform driver IOCTL calls.
Memory corruption while processing manipulated payload in video firmware.
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
Memory corruption while processing the TESTPATTERNCONFIG escape path.
Memory corruption while processing event close when client process terminates abruptly.
Memory corruption while processing message in guest VM.
Crafted Binder Request Causes Heap UAF in MediaServer
Memory corruption during the image encoding process.
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.
Memory corruption while processing simultaneous requests via escape path.
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Memory corruption while executing timestamp video decode command with large input values.
Memory corruption during video playback when video session open fails with time out error.
Memory corruption while processing DDI call with invalid buffer.
Memory corruption while processing data packets in diag received from Unix clients.
Memory corruption while processing command message in WLAN Host.
Memory corruption while processing a GP command response.