Memory corruption while processing an escape call.
Memory corruption when triggering a subsystem crash with an out-of-range identifier.
Memory corruption while accessing a buffer during IOCTL processing.
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
Memory corruption while processing user buffers.
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24
Memory corruption while processing IOCTL call to get the mapping.
Memory Corruption when multiple threads simultaneously access a memory free API.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Memory corruption when calculating oversized partition sizes without proper checks.
Memory Corruption when accessing trusted execution environment without proper privilege check.
Memory corruption while processing audio streaming operations.
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
Memory corruption while handling invalid inputs in application info setup.
Memory corruption while processing large input data from a remote source via a communication interface.
Memory corruption while preprocessing IOCTL request in JPEG driver.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while processing escape commands from userspace.
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger.
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
Memory corruption when malformed message payload is received from firmware.
Memory corruption while processing a video session to set video parameters.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Memory corruption while loading an invalid firmware in boot loader.
Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.
Memory corruption while routing GPR packets between user and root when handling large data packet.
Memory Corruption when processing IOCTLs for JPEG data without verification.
Memory corruption occurs when a secure application is launched on a device with insufficient memory.
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
Memory corruption while processing IOCTL handler in FastRPC.
Memory corruption in HLOS while checking for the storage type.
Memory corruption while processing request sent from GVM.
Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.
Memory corruption while reading ACPI config through the user mode app.
Memory corruption while invoking remote procedure IOCTL calls.
Memory corruption while processing TPC target power table in FTM TPC.
Memory corruption while processing client message during device management.
Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.
Memory corruption while verifying the serialized header when the key pairs are generated.
Memory corruption in Automotive Multimedia due to improper access control in HAB.
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
Memory corruption while invoking IOCTLs calls in Automotive Multimedia.
Memory corruption when more scan frequency list or channels are sent from the user space.
Memory corruption when multiple listeners are being registered with the same file descriptor.
Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24