Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24

Memory corruption while processing the TESTPATTERNCONFIG escape path.

memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.

Memory corruption in WLAN due to use after free

Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Memory corruption during sub-system restart while processing clean-up to free up resources.

Memory corruption while processing event close when client process terminates abruptly.

Memory corruption during concurrent buffer access due to modification of the reference count.

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

Memory corruption while handling IOCTL call from user-space to set latency level.

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.

Memory corruption while processing a private escape command in an event trigger.

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.

Memory corruption while processing memory map or unmap IOCTL operations simultaneously.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

Memory corruption while processing commands from A2dp sink command queue.

Memory corruption while calling the NPU driver APIs concurrently.

Memory corruption in DSP Services during a remote call from HLOS to DSP.