Memory corruption in TZ Secure OS while loading an app ELF.
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory Corruption in WLAN HOST while fetching TX status information.
Memory corruption in WLAN HAL while parsing WMI command parameters.
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
Memory corruption during sub-system restart while processing clean-up to free up resources.
Memory corruption while performing encryption and decryption commands.
Memory corruption while processing multiple simultaneous escape calls.
Memory corruption when the captureRead QDCM command is invoked from user-space.
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
Memory corruption while handling client exceptions, allowing unauthorized channel access.
Memory corruption when user provides data for FM HCI command control operations.
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
Memory Corruption in HLOS while registering for key provisioning notify.
Memory corruption while processing IOCTL call to set metainfo.
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
Memory corruption while processing frame command IOCTL calls.
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.
Memory Corruption in Audio while invoking IOCTLs calls from the user-space.
Memory Corruption in Audio while playing amrwbplus clips with modified content.
Memory Corruption in Audio while allocating the ion buffer during the music playback.
Memory corruption during PlayReady APP usecase while processing TA commands.
Memory corruption in Automotive GPU while querying a gsl memory node.
Memory corruption while processing packet data with exceedingly large packet.
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
Improper Access to the VM resource manager can lead to Memory Corruption.
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Memory corruption in Core Platform while printing the response buffer in log.
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Memory corruption in Linux while calling system configuration APIs.
Memory Corruption while accessing metadata in Display.
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
Memory Corruption due to improper validation of array index in Linux while updating adn record.
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
Memory corruption due to untrusted pointer dereference in automotive during system call.