7.8
CVE-2024-45580 - Use After Free in DSP Service
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.
7.8
CVE-2024-43062 - Use After Free in Camera Linux
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
7.8
CVE-2024-43061 - Use After Free in Audio
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
7.8
CVE-2024-43060 - Use of Out-of-range Pointer Offset in Automotive Audio
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
7.8
CVE-2024-43059 - Use After Free in Automotive Multimedia
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
7.8
CVE-2024-43057 - Use After Free in MProc
Memory corruption while processing command in Glink linux.
5.5
CVE-2024-43056 - Buffer Over-read in Hypervisor
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
7.8
CVE-2024-43055 - Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera_Linux
Memory corruption while processing camera use case IOCTL call.
5.5
CVE-2024-43051 - Improper Authorization in SPS-HLOS
Information disclosure while deriving keys for a session for any Widevine use case.
5.4
CVE-2024-38426 - Improper Authentication in Modem
While processing the authentication message in UE, improper authentication may lead to information disclosure.