| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. |
| Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. |
| Memory corruption while processing MBSSID beacon containing several subelement IE. |
| Memory Corruption in WLAN HOST while parsing QMI response message from firmware. |
| Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. |
| Memory corruption when Alternative Frequency offset value is set to 255. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. |
| Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. |
| Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. |
| Memory corruption in Audio while running invalid audio recording from ADSP. |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. |
| Memory corruption while processing multiple simultaneous escape calls. |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. |
