CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
Memory corruption when an invoke call and a TEE call are bound for the same trusted application. | 7.8 |
HIGH |
||
Memory corruption while processing key blob passed by the user. | 7.8 |
HIGH |
||
Transient DOS while loading the TA ELF file. | 7.1 |
HIGH |
||
Memory corruption while performing finish HMAC operation when context is freed by keymaster. | 8.4 |
HIGH |
||
Memory corruption while processing IOCTL handler in FastRPC. | 8.4 |
HIGH |
||
Transient DOS while parse fils IE with length equal to 1. | 7.5 |
HIGH |
||
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. | 8.4 |
HIGH |
||
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | 7.5 |
HIGH |
||
Memory corruption while reading ACPI config through the user mode app. | 8.4 |
HIGH |
||
Transient DOS while processing 11AZ RTT management action frame received through OTA. | 7.5 |
HIGH |
||
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. | 7.5 |
HIGH |
||
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | 7.8 |
HIGH |
||
Memory corruption in Core while processing control functions. | 9.3 |
CRITICAL |
||
Transient DOS while parsing WPA IES, when it is passed with length more than expected size. | 7.5 |
HIGH |
||
Transient DOS in WLAN Firmware while processing a FTMR frame. | 7.5 |
HIGH |
||
Transient DOS when processing a NULL buffer while parsing WLAN vdev. | 7.5 |
HIGH |
||
Memory corruption when processing cmd parameters while parsing vdev. | 8.4 |
HIGH |
||
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. | 7.5 |
HIGH |
||
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. | 7.5 |
HIGH |
||
Memory corruption in HLOS while invoking IOCTL calls from user-space. | 8.4 |
HIGH |
||
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. | 7.8 |
HIGH |
||
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | 7.8 |
HIGH |
||
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
MEDIUM |
||
Memory corruption while loading an ELF segment in TEE Kernel. | 8.8 |
HIGH |
||
Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
HIGH |
||
Memory Corruption in SPS Application while exporting public key in sorter TA. | 7.8 |
HIGH |
||
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. | 7.5 |
HIGH |
||
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. | 7.5 |
HIGH |
||
Transient DOS in WLAN Firmware while parsing t2lm buffers. | 7.5 |
HIGH |
||
Transient DOS in WLAN Firmware while parsing no-inherit IES. | 7.5 |
HIGH |
||
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | 9.8 |
CRITICAL |
||
Memory corruption in core services when Diag handler receives a command to configure event listeners. | 9 |
CRITICAL |
||
Cryptographic issue in HLOS during key management. | 7.8 |
HIGH |
||
Memory corruption in TZ Secure OS while loading an app ELF. | 8.2 |
HIGH |
||
Memory Corruption in Core due to secure memory access by user while loading modem image. | 8.4 |
HIGH |