| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS when processing target power rate tables during channel configuration. |
| Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming. |
| Memory corruption while processing IPA statistics, when there are no active clients registered. |
| Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. |
| Memory corruption while reading the FW response from the shared queue. |
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. |
| Memory corruption while retrieving the CBOR data from TA. |
| Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input. |
| Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. |
| Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |
| Transient DOS may occur while processing malformed length field in SSID IEs. |
| Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. |
| Memory corruption while processing video packets received from video firmware. |
| Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. |
| Memory corruption while verifying the serialized header when the key pairs are generated. |
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. |
