CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 8.4 |
Haute |
||
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. | 7.5 |
Haute |
||
Memory corruption when an invoke call and a TEE call are bound for the same trusted application. | 7.8 |
Haute |
||
Memory corruption while processing key blob passed by the user. | 7.8 |
Haute |
||
Transient DOS while loading the TA ELF file. | 7.1 |
Haute |
||
Memory corruption while performing finish HMAC operation when context is freed by keymaster. | 8.4 |
Haute |
||
Memory corruption in Core while processing control functions. | 9.3 |
Critique |
||
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | 7.8 |
Haute |
||
Memory corruption in Audio during playback with speaker protection. | 8.4 |
Haute |
||
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. | 9.3 |
Critique |
||
Memory corruption in HLOS while running playready use-case. | 9.3 |
Critique |
||
Memory corruption while using the UIM diag command to get the operators name. | 7.8 |
Haute |
||
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. | 7.8 |
Haute |
||
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
Moyen |
||
Memory corruption while loading an ELF segment in TEE Kernel. | 8.8 |
Haute |
||
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |
Haute |
||
Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
Haute |
||
Memory Corruption in SPS Application while exporting public key in sorter TA. | 7.8 |
Haute |
||
Cryptographic issue in HLOS during key management. | 7.8 |
Haute |
||
Memory corruption in TZ Secure OS while loading an app ELF. | 8.2 |
Haute |
||
Memory Corruption in Core due to secure memory access by user while loading modem image. | 8.4 |
Haute |
||
Memory Corruption in Multi-mode Call Processor while processing bit mask API. | 9.8 |
Critique |
||
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. | 9.8 |
Critique |
||
Information disclosure in Kernel due to indirect branch misprediction. | 7.1 |
Haute |
||
Transient DOS due to improper authorization in Modem | 7.5 |
Haute |
||
Memory corruption due to double free in Core while mapping HLOS address to the list. | 8.4 |
Haute |
||
information disclosure due to cryptographic issue in Core during RPMB read request. | 7.1 |
Haute |
||
Information disclosure due to buffer over-read in Modem while parsing DNS hostname. | 8.2 |
Haute |
||
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. | 7.5 |
Haute |
||
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 8.4 |
Haute |
||
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
Haute |
||
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length. | 8.2 |
Haute |
||
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
Moyen |
||
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet. | 8.2 |
Haute |