Memory corruption while processing frame packets.
Memory corruption may occur while processing voice call registration with user.
Memory corruption while handling test pattern generator IOCTL command.
Memory corruption while processing I2C settings in Camera driver.
Memory corruption may occur while processing the OIS packet parser.
Memory corruption while processing IOCTL command to handle buffers associated with a session.
Memory corruption while processing IOCTL calls to add route entry in the HW.
Memory corruption while invoking IOCTL map buffer request from userspace.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.
Memory corruption while processing camera TPG write request.
Memory corruption while processing the IOCTL FM HCI WRITE request.
Memory corruption while processing IOCTL handler in FastRPC.
Memory corruption in video while parsing invalid mp2 clip.
Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Memory corruption in modem due to improper length check while copying into memory
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in Core due to improper configuration in boot remapper.
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption while reading the FW response from the shared queue.
Memory corruption due to invalid value of total dimension in the non-histogram type KPI could lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Memory corruption when programming registers through virtual CDM.
Memory Corruption in Audio while invoking callback function in driver from ADSP.
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
Memory corruption in Audio when SSR event is triggered after music playback is stopped.
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
Memory corruption in Audio during playback with speaker protection.
Memory corruption while parsing the ADSP response command.
Memory corruption while receiving a message in Bus Socket Transport Server.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
Memory corruption in Audio while processing the VOC packet data from ADSP.
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
Memory corruption in HLOS while running playready use-case.
Memory corruption in QESL while processing payload from external ESL device to firmware.