Known Vulnerabilities
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-28559
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
CVE-2023-28558
Memory corruption in WLAN handler while processing PhyID in Tx status handler.
CVE-2023-28557
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
CVE-2023-28544
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
CVE-2023-28538
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
CVE-2023-28537
Memory corruption while allocating memory in COmxApeDec module in Audio.
CVE-2022-40532
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
CVE-2022-40503
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
CVE-2022-33302
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
CVE-2022-33289
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
CVE-2022-33288
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
CVE-2022-33269
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
CVE-2022-33231
Memory corruption due to double free in core while initializing the encryption key.