| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
| Memory corruption in DSP Services during a remote call from HLOS to DSP. |
| There may be information disclosure during memory re-allocation in TZ Secure OS. |
| Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. |
| Transient DOS may occur while parsing SSID in action frames. |
| memory corruption when an invalid firehose patch command is invoked. |
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). |
| Cryptographic issue while parsing RSA keys in COBR format. |
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. |
| Memory corruption while processing video packets received from video firmware. |
| Transient DOS while processing CCCH data when NW sends data with invalid length. |
| Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. |
| Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. |
| Information disclosure in Video while parsing mp2 clip with invalid section length. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Transient DOS in Bluetooth Host while rfc slot allocation. |
| Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. |
| Memory Corruption in Core during syscall for Sectools Fuse comparison feature. |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |