Known Vulnerabilities
CVE-2018-11816
Crafted Binder Request Causes Heap UAF in MediaServer
CVE-2016-10408
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU.
CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer.
CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2022-40510
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2022-33264
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2022-33289
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
CVE-2022-40515
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
CVE-2022-33213
Memory corruption in modem due to buffer overflow while processing a PPP packet
CVE-2022-40512
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2022-33271
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.