Memory corruption may occour while generating test pattern due to negative indexing of display ID.
Memory corruption during array access in Camera kernel due to invalid index from invalid command data.
Memory corruption while taking snapshot when an offset variable is set by camera driver.
Memory corruption during PlayReady APP usecase while processing TA commands.
Memory corruption while deinitializing a HDCP session.
Memory Corruption in Audio while invoking IOCTLs calls from the user-space.
Memory Corruption in Audio while allocating the ion buffer during the music playback.
Memory corruption while processing voice packet with arbitrary data received from ADSP.
Memory corruption while parsing the memory map info in IOCTL calls.
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
Memory Corruption due to improper validation of array index in Linux while updating adn record.
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
An app with non-privileged access can change global system brightness and cause undesired system behavior.
Memory corruption in Core Platform while printing the response buffer in log.
Memoru corruption in Audio when ADSP sends input during record use case.
Improper Access to the VM resource manager can lead to Memory Corruption.
Memory corruption in Audio while validating and mapping metadata.
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
Memory corruption while running VK synchronization with KASAN enabled.
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
Memory corruption in Graphics while importing a file.
Memory corruption while using the UIM diag command to get the operators name.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Memory corruption in Core while processing control functions.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued.
Memory corruption in Audio while processing IIR config data from AFE calibration block.
Memory corruption in DSP Service during a remote call from HLOS to DSP.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Memory corruption while allocating buffers in DSP service.
Memory corruption in HLOS while converting from authorization token to HIDL vector.
Memory corruption in Audio while running invalid audio recording from ADSP.
Memory corruption due to double free when multiple threads race to set the timestamp store.
Memory corruption in Graphics while processing user packets for command submission.
Memory corruption when processing cmd parameters while parsing vdev.
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.