Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

Memory Corruption in Core Platform while printing the response buffer in log.

Memory Corruption while accessing metadata in Display.

Memory corruption in Core Platform while printing the response buffer in log.

Memory corruption in Audio while validating and mapping metadata.

Transient DOS in Modem while processing RRC reconfiguration message.

Transient DOS in Modem while processing invalid System Information Block 1.

Information disclosure in Automotive multimedia due to buffer over-read.

Memory Corruption in Audio while playing amrwbplus clips with modified content.

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

Memory corruption in Trusted Execution Environment while calling service API with invalid address.

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.