Memory corruption while processing the TESTPATTERNCONFIG escape path.
Memory corruption while processing multiple simultaneous escape calls.
Memory corruption while processing manipulated payload in video firmware.
Memory corruption while processing video packets received from video firmware.
Memory corruption while processing a private escape command in an event trigger.
Cryptographic issue occurs due to use of insecure connection method while downloading.
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
Memory corruption while retrieving the CBOR data from TA.
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
Memory corruption while operating the mailbox in Automotive.
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
Transient DOS while processing the EHT operation IE in the received beacon frame.
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
Information disclosure may occur while processing goodbye RTCP packet from network.
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
Memory corruption may occur while attaching VM when the HLOS retains access to VM.
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Memory corruption while reading the FW response from the shared queue.
Transient DOS while parsing per STA profile in ML IE.
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Memory corruption during the FRS UDS generation process.
Memory corruption while triggering commands in the PlayReady Trusted application.
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
Memory corruption while reading secure file.
Transient DOS may occur while parsing SSID in action frames.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Memory corruption while IOCTL call is invoked from user-space to read board data.
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
Memory corruption while processing escape code in API.
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.
Memory corruption while handling file descriptor during listener registration/de-registration.
Cryptographic issues while generating an asymmetric key pair for RKP use cases.
There may be information disclosure during memory re-allocation in TZ Secure OS.
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.
Memory corruption while calling the NPU driver APIs concurrently.
Transient DOS may occur while processing the country IE.
Memory corruption in display driver while detaching a device.
Memory corruption may occur while validating ports and channels in Audio driver.
Transient DOS during hypervisor virtual I/O operation in a virtual machine.