| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in TZ Secure OS while loading an app ELF. |
| Transient DOS while parse fils IE with length equal to 1. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. |
| Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR. |
| Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. |
| Memory corruption in DSP Service during a remote call from HLOS to DSP. |
| Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Memory corruption in Core while processing RX intent request. |
| Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued. |
| Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. |
| Transient DOS in WLAN Firmware while parsing no-inherit IES. |
| Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. |
| Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
| Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
