Memory corruption while running VK synchronization with KASAN enabled.
Memory corruption in Audio when SSR event is triggered after music playback is stopped.
Memory corruption while prociesing command buffer buffer in OPE module.
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption during GNSS HAL process initialization.
Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.
Memory corruption while processing voice packet with arbitrary data received from ADSP.
Memory corruption while parsing the memory map info in IOCTL calls.
Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption while processing IOCTL call for getting group info.
Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
Memory corruption while processing GPU page table switch.
Memory corruption while handling session errors from firmware.
Memory corruption while handling IOCTL calls in JPEG Encoder driver.
Memory corruption while configuring a Hypervisor based input virtual device.
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
Memory corruption while processing user packets to generate page faults.
Memory corruption while processing concurrent IOCTL calls.
Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
Memory corruption while processing command in Glink linux.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption in DSP Services during a remote call from HLOS to DSP.
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption in display due to double free while allocating frame buffer memory
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
Crafted Binder Request Causes Heap UAF in MediaServer
Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Memory corruption in wearables while processing data from AON.
Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking
Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields
Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
Memory corruption in video driver due to type confusion error during video playback
Memory corruption in multimedia due to buffer overflow while processing count variable from client in Snapdragon Auto
Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile
Memory corruption in Audio while running invalid audio recording from ADSP.
Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.