Known Vulnerabilities
CVE-2024-33053
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
CVE-2024-33037
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVE-2024-33036
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVE-2024-38423
Memory corruption while processing GPU page table switch.
CVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2024-33032
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
CVE-2024-38401
Memory corruption while processing concurrent IOCTL calls.
CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously.
CVE-2024-33016
memory corruption when an invalid firehose patch command is invoked.
CVE-2024-33027
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
CVE-2024-23356
Memory corruption during session sign renewal request calls in HLOS.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2024-23373
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-21471
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
CVE-2023-43521
Memory corruption when multiple listeners are being registered with the same file descriptor.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2024-21452
Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-33066
Memory corruption in Audio while processing RT proxy port register driver.
CVE-2023-28578
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
CVE-2023-33065
Information disclosure in Audio while accessing AVCS services from ADSP payload.
CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-24847
Transient DOS in Modem while allocating DSM items.
CVE-2023-28542
Memory Corruption in WLAN HOST while fetching TX status information.
CVE-2023-28541
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2023-21629
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
CVE-2022-33264
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2023-21665
Memory corruption in Graphics while importing a file.
CVE-2022-33289
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.