Memory corruption when calculating oversized partition sizes without proper checks.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while routing GPR packets between user and root when handling large data packet.
Memory corruption while copying packets received from unix clients.
Memory corruption during sub-system restart while processing clean-up to free up resources.
Memory corruption while processing command message in WLAN Host.
Memory corruption while processing simultaneous requests via escape path.
Memory corruption while processing video packets received from video firmware.
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
Memory corruption while processing an IOCTL command with an arbitrary address.
Memory corruption while processing DDI call with invalid buffer.
Memory corruption during PlayReady APP usecase while processing TA commands.
Memory corruption while processing camera platform driver IOCTL calls.
Memory corruption while processing manipulated payload in video firmware.
Memory corruption while processing message in guest VM.
Memory corruption while processing a GP command response.
Memory corruption while handling client exceptions, allowing unauthorized channel access.
Memory corruption while processing packet data with exceedingly large packet.
Memory corruption while processing data packets in diag received from Unix clients.
Memory corruption while processing event close when client process terminates abruptly.
Memory corruption while processing DDI command calls.
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
Memory corruption during the image encoding process.
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.
Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile
Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto
Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Memory corruption while processing memory map or unmap IOCTL operations simultaneously.
Memory corruption while retrieving the CBOR data from TA.
Memory corruption while copying the result to the transmission queue in EMAC.
Memory corruption while processing commands from A2dp sink command queue.
Memory corruption while transmitting packet mapping information with invalid header payload size.
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
Memory corruption while processing message content in eAVB.
Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host.
Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Memory corruption while processing camera TPG write request.
Memory corruption while submitting blob data to kernel space though IOCTL.
Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Memory corruption while IOCTL call is invoked from user-space to read board data.
Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile