5.5
CVE-2025-21431 - Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform
Information disclosure may be there when a guest VM is connected.
7.5
CVE-2025-21430 - Buffer Over-read in WLAN Host
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
7.5
CVE-2025-21429 - Buffer Over-read in WLAN Host
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
7.5
CVE-2025-21428 - Buffer Over-read in WLAN Host
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
7.3
CVE-2025-21425 - Improper Access Control in Automotive Linux OS
Memory corruption may occur due top improper access control in HAB process.
7.8
CVE-2025-21423 - Improper Validation of Array Index in Display
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
7.8
CVE-2025-21421 - Buffer Over-read in Display
Memory corruption while processing escape code in API.
6.7
CVE-2024-49848 - Use After Free in DSP Service
Memory corruption while processing multiple IOCTL calls from HLOS to DSP.
7.8
CVE-2024-45557 - Use of Out-of-range Pointer Offset in Trust Management Engine
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
6.5
CVE-2024-45556 - Improper Access Control for Register Interface in TZ Firmware
Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.