Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Memory Corruption when accessing trusted execution environment without proper privilege check.
Transient DOS when MAC configures config id greater than supported maximum value.
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
Transient DOS when processing a received frame with an excessively large authentication information element.
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Memory corruption while calculating offset from partition start point.
Memory corruption when calculating oversized partition sizes without proper checks.
Memory Corruption when multiple threads simultaneously access a memory free API.