| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption while handling test pattern generator IOCTL command. |
| Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. |
| A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. |
| Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. |
| Memory corruption in Audio while processing RT proxy port register driver. |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. |
| Memory corruption in Audio while running invalid audio recording from ADSP. |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. |
| Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.
Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. |
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. |
| A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4. |
| The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. |
| Memory corruption in Audio during playback with speaker protection. |
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory. |
| Memory corruption when malformed message payload is received from firmware. |
| Memory corruption may occur during IO configuration processing when the IO port count is invalid. |
