Known Vulnerabilities
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2018-11816
Crafted Binder Request Causes Heap UAF in MediaServer
CVE-2016-10408
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
CVE-2024-38423
Memory corruption while processing GPU page table switch.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2024-33051
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVE-2024-23359
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2023-33066
Memory corruption in Audio while processing RT proxy port register driver.
CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
CVE-2023-21665
Memory corruption in Graphics while importing a file.
CVE-2022-40505
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
CVE-2022-33289
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
CVE-2022-33287
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
CVE-2022-33258
Information disclosure due to buffer over-read in modem while reading configuration parameters.
CVE-2022-25726
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet