CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
Transient DOS may occur while processing the country IE. | 7.5 |
Haute |
||
Memory corruption in display driver while detaching a device. | 7.8 |
Haute |
||
Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
Haute |
||
Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
Moyen |
||
While processing the authentication message in UE, improper authentication may lead to information disclosure. | 5.4 |
Moyen |
||
Information disclosure while parsing the OCI IE with invalid length. | 8.2 |
Haute |
||
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 8.4 |
Haute |
||
Memory corruption while processing GPU page table switch. | 7.8 |
Haute |
||
Memory corruption while handling session errors from firmware. | 7.8 |
Haute |
||
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. | 9.1 |
Critique |
||
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 7.5 |
Haute |
||
Memory corruption while processing IOCTL call for getting group info. | 7.8 |
Haute |
||
Memory corruption when two threads try to map and unmap a single node simultaneously. | 8.4 |
Haute |
||
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | 7.5 |
Haute |
||
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | 7.5 |
Haute |
||
Memory corruption when BTFM client sends new messages over Slimbus to ADSP. | 8.4 |
Haute |