| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption may occur while validating ports and channels in Audio driver. |
| Memory corruption may occur while accessing a variable during extended back to back tests. |
| Memory corruption while calling the NPU driver APIs concurrently. |
| Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| Memory corruption while triggering commands in the PlayReady Trusted application. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |
| Transient DOS may occur while processing malformed length field in SSID IEs. |
| Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. |
| Memory corruption while processing video packets received from video firmware. |
| Transient DOS while handling beacon frames with invalid IE header length. |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Memory corruption when BTFM client sends new messages over Slimbus to ADSP. |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. |
| Memory corruption when there is failed unmap operation in GPU. |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
