Known Vulnerabilities
CVE-2023-21664
Memory Corruption in Core Platform while printing the response buffer in log.
CVE-2023-21662
Memory corruption in Core Platform while printing the response buffer in log.
CVE-2023-21653
Transient DOS in Modem while processing RRC reconfiguration message.
CVE-2023-21646
Transient DOS in Modem while processing invalid System Information Block 1.
CVE-2023-22666
Memory Corruption in Audio while playing amrwbplus clips with modified content.
CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
CVE-2023-21626
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
CVE-2022-40510
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2022-40535
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
CVE-2022-40530
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2022-40527
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
CVE-2022-33309
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.
CVE-2022-33278
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
CVE-2022-33272
Transient DOS in modem due to reachable assertion.
CVE-2022-33257
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
CVE-2022-33256
Memory corruption due to improper validation of array index in Multi-mode call processor.
CVE-2022-33254
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
CVE-2022-33250
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.
CVE-2022-33244
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
CVE-2022-33213
Memory corruption in modem due to buffer overflow while processing a PPP packet
CVE-2022-25709
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
CVE-2022-25705
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
CVE-2022-25694
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2022-22075
Information Disclosure in Graphics during GPU context switch.
CVE-2022-40514
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2022-33306
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVE-2022-33280
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.
CVE-2022-33277
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVE-2022-33271
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
CVE-2022-33248
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
CVE-2022-33233
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
CVE-2022-33232
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
CVE-2022-40520
Memory corruption due to stack-based buffer overflow in Core
CVE-2022-40519
Information disclosure due to buffer overread in Core
CVE-2022-40518
Information disclosure due to buffer overread in Core
CVE-2022-40517
Memory corruption in core due to stack-based buffer overflow
CVE-2022-40516
Memory corruption in Core due to stack-based buffer overflow.
CVE-2022-33286
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
CVE-2022-33285
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
CVE-2022-33283
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
CVE-2022-33276
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
CVE-2022-33252
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
CVE-2022-25746
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
CVE-2022-25725
Denial of service in MODEM due to improper pointer handling