Known Vulnerabilities
CVE-2018-11816
Crafted Binder Request Causes Heap UAF in MediaServer
CVE-2016-10408
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
CVE-2023-33030
Memory corruption in HLOS while running playready use-case.
CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA.
CVE-2023-33059
Memory corruption in Audio while processing the VOC packet data from ADSP.
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
CVE-2023-22667
Memory Corruption in Audio while allocating the ion buffer during the music playback.
CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request.
CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2022-40515
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
CVE-2022-33213
Memory corruption in modem due to buffer overflow while processing a PPP packet
CVE-2022-25709
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
CVE-2022-25705
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
CVE-2022-25694
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2022-22075
Information Disclosure in Graphics during GPU context switch.
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2022-33271
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
CVE-2022-33233
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.