Memory corruption when the payload received from firmware is not as per the expected protocol size.
Memory corruption when size of buffer from previous call is used without validation or re-initialization.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
Memory corruption while verifying the serialized header when the key pairs are generated.
Memory corruption in HLOS while checking for the storage type.
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
Memory corruption while processing finish_sign command to pass a rsp buffer.
Memory corruption in SPS Application while requesting for public key in sorter TA.
Memory corruption in Core Services while executing the command for removing a single event listener.
Memory corruption in Automotive Multimedia due to improper access control in HAB.
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
Memory corruption in Core while processing control functions.
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
Memory corruption in HLOS while running playready use-case.
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
Memory corruption in HLOS while invoking IOCTL calls from user-space.
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
Memory corruption while loading an ELF segment in TEE Kernel.
Memory Corruption in SPS Application while exporting public key in sorter TA.
Cryptographic issue in HLOS during key management.
Memory corruption in TZ Secure OS while loading an app ELF.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption in Automotive Display while destroying the image handle created using connected display driver.
Memory Corruption in HLOS while registering for key provisioning notify.
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
Weak configuration in Automotive while VM is processing a listener request from TEE.
Improper Access to the VM resource manager can lead to Memory Corruption.
Memory Corruption in Core Platform while printing the response buffer in log.
Memory corruption in Core Platform while printing the response buffer in log.
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
Memory corruption due to untrusted pointer dereference in automotive during system call.
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
Memory corruption in Automotive GPU while querying a gsl memory node.
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
Information disclosure in Kernel due to indirect branch misprediction.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
information disclosure due to cryptographic issue in Core during RPMB read request.
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
Memory corruption due to double free in core while initializing the encryption key.