Known Vulnerabilities
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-33016
memory corruption when an invalid firehose patch command is invoked.
CVE-2024-21462
Transient DOS while loading the TA ELF file.
CVE-2023-33105
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
CVE-2023-33060
Transient DOS in Core when DDR memory check is called while DDR is not initialized.
CVE-2023-33032
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
CVE-2023-33030
Memory corruption in HLOS while running playready use-case.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image.
CVE-2023-28564
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2022-40525
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.
CVE-2022-40522
Memory corruption in Linux Networking due to double free while handling a hyp-assign.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow
CVE-2022-40516
Memory corruption in Core due to stack-based buffer overflow.