Memory corruption while using Strongbox due to buffer overflow.
Memory corruption while using Strongbox due to missing bounds check.
Memory Corruption when processing fastboot commands to set display mode.
Memory corruption while processing fastboot commands with improperly formatted input.
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
Memory corruption while processing fastboot commands with invalid input.
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
Memory corruption while processing fastboot OEM commands.
Memory Corruption when processing display command line information due to improper initialization of a variable.
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
Transient DOS when processing target power rate tables during channel configuration.
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
Memory corruption while processing a frame request from user.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Memory corruption while using alignments for memory allocation.
Memory Corruption when adding user-supplied data without checking available buffer space.
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
Transient DOS when processing a received frame with an excessively large authentication information element.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.
Memory corruption while processing identity credential operations in the trusted application.
Memory corruption while processing a secure logging command in the trusted application.
Cryptographic issue may occur while encrypting license data.
Memory corruption while handling sensor utility operations.
Memory corruption while deinitializing a HDCP session.
Memory corruption while accessing a synchronization object during concurrent operations.
Memory corruption while parsing clock configuration data for a specific hardware type.
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Memory corruption while processing a config call from userspace.
Information disclosure while processing a firmware event.
Transient DOS while parsing video packets received from the video firmware.
Memory corruption while loading an invalid firmware in boot loader.