Memory corruption while using Strongbox due to buffer overflow.
Memory corruption while using Strongbox due to missing bounds check.
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
Memory corruption while processing multiple IOCTL command for escape operations.
Memory corruption while processing IOCTL calls for escape operations.
Memory Corruption when processing fastboot commands to set display mode.
Memory corruption while processing fastboot commands with improperly formatted input.
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
Memory corruption while processing fastboot commands with invalid input.
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
Memory corruption while processing fastboot OEM commands.
Memory Corruption when processing display command line information due to improper initialization of a variable.
Memory Corruption when sending random number generator command with insufficient output buffer size.
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
Memory corruption in windows drivers while sending incorrect trusted application request
Memory corruption in diagnostic services due to absence of input validation
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
Memory corruption while processing IOCTL command when device is in power-save state.
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
Transient DOS when processing target power rate tables during channel configuration.
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
Memory Corruption when retrieving output buffer with insufficient size validation.
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
Memory corruption while processing a frame request from user.
Memory corruption while preprocessing IOCTL request in JPEG driver.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
Memory corruption while using alignments for memory allocation.
Memory Corruption when processing invalid user address with nonstandard buffer address.
Memory Corruption when adding user-supplied data without checking available buffer space.