CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | 7.8 |
Haute |
||
Memory Corruption in WLAN HOST while fetching TX status information. | 7.8 |
Haute |
||
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. | 7.8 |
Haute |
||
Memory Corruption in Audio while allocating the ion buffer during the music playback. | 8.4 |
Haute |
||
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | 7.8 |
Haute |
||
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client. | 7.8 |
Haute |
||
Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. | 7.8 |
Haute |
||
Memory corruption in Linux while calling system configuration APIs. | 7.8 |
Haute |
||
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. | 7.8 |
Haute |
||
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. | 7.8 |
Haute |
||
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. | 9.8 |
Critique |
||
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. | 6.8 |
Moyen |