Memory corruption while reading the FW response from the shared queue.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Memory corruption while reading secure file.

Memory corruption may occur while accessing a variable during extended back to back tests.

Information disclosure while parsing the OCI IE with invalid length.

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Memory corruption while maintaining memory maps of HLOS memory.

Memory corruption while processing IOCTL call for getting group info.

Memory corruption when two threads try to map and unmap a single node simultaneously.

Memory corruption when user provides data for FM HCI command control operations.

Information disclosure in Video while parsing mp2 clip with invalid section length.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

Memory corruption when the IOCTL call is interrupted by a signal.

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

Memory corruption while playing audio file having large-sized input buffer.

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

Memory corruption when the payload received from firmware is not as per the expected protocol size.

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.