CVE-2024-53033
Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.
CVE-2024-49836
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.
CVE-2024-45580
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.
CVE-2024-43062
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
CVE-2024-43061
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
CVE-2024-43055
Memory corruption while processing camera use case IOCTL call.
CVE-2024-49840
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.
CVE-2024-49832
Memory corruption in Camera due to unusually high number of nodes passed to AXI port.
CVE-2024-45582
Memory corruption while validating number of devices in Camera kernel .
CVE-2024-38414
Information disclosure while processing information on firmware image during core initialization.
CVE-2024-38411
Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.
CVE-2024-45550
Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.
CVE-2024-45548
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.
CVE-2024-45547
Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
CVE-2024-45546
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
CVE-2024-33059
Memory corruption while processing frame command IOCTL calls.
CVE-2024-33055
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.
CVE-2024-33041
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,