| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information disclosure in Video while parsing mp2 clip with invalid section length. |
| Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. |
| Memory corruption during management frame processing due to mismatch in T2LM info element. |
| Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. |
| Transient DOS while parse fils IE with length equal to 1. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. |
| Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. |
| Memory corruption while reading the FW response from the shared queue. |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption in HLOS while checking for the storage type. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory corruption while processing data packets in diag received from Unix clients. |
