Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
Memory corruption in Linux while sending DRM request.
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
Memory corruption due to use after free in Core when multiple DCI clients register and deregister.
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host
Memory corruption in Linux android due to double free while calling unregister provider after register call.
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.
information disclosure due to cryptographic issue in Core during RPMB read request.
Assertion occurs while processing Reconfiguration message due to improper validation
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
Transient DOS in modem due to reachable assertion.
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
Memory corruption due to improper validation of array index in Multi-mode call processor.
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.
Memory corruption in WLAN due to use after free
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
Memory corruption in modem due to buffer overflow while processing a PPP packet
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
Information Disclosure in Graphics during GPU context switch.
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
Memory corruption due to stack-based buffer overflow in Core
Information disclosure due to buffer overread in Core
Information disclosure due to buffer overread in Core
Memory corruption in core due to stack-based buffer overflow
Memory corruption in Core due to stack-based buffer overflow.
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
Denial of service in MODEM due to improper pointer handling
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking