CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
Haute |
||
Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
Moyen |
||
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | 7.5 |
Haute |
||
Memory corruption when Alternative Frequency offset value is set to 255. | 7.8 |
Haute |
||
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. | 6.2 |
Moyen |
||
Memory corruption in Graphics while processing user packets for command submission. | 8.4 |
Haute |
||
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA). | 7.5 |
Haute |
||
Memory corruption in WLAN HAL while handling command through WMI interfaces. | 7.8 |
Haute |
||
Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | 7.8 |
Haute |
||
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. | 7.8 |
Haute |
||
Memory corruption while handling payloads from remote ESL. | 9.8 |
Critique |
||
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | 7.8 |
Haute |
||
Memory Corruption in WLAN HOST while fetching TX status information. | 7.8 |
Haute |
||
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. | 7.8 |
Haute |
||
Memory Corruption in Audio while allocating the ion buffer during the music playback. | 8.4 |
Haute |
||
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | 7.8 |
Haute |
||
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client. | 7.8 |
Haute |
||
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. | 7.8 |
Haute |
||
Memory corruption in Linux while calling system configuration APIs. | 7.8 |
Haute |
||
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. | 7.8 |
Haute |
||
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. | 7.8 |
Haute |
||
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. | 9.8 |
Critique |
||
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. | 6.8 |
Moyen |