72 known vulnerabilities · sorted by CVSS score
Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
Memory corruption in modem due to improper length check while copying into memory
Memory correction in modem due to buffer overwrite during coap connection
memory corruption in modem due to improper check while calculating size of serialized CoAP message
Memory corruption in modem due to improper input validation while handling the incoming CoAP message
Memory corruption due to double free in core while initializing the encryption key.
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Memory corruption in HLOS while running playready use-case.
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
Memory corruption in Audio while processing RT proxy port register driver.
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Memory corruption in Audio during playback with speaker protection.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.