7.5
CVE-2024-33070 - Buffer Over-read in WLAN Host Communication
Transient DOS while parsing ESP IE from beacon/probe response frame.
7.5
CVE-2024-33069 - Use After Free in WLAN Host
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.
9.8
CVE-2024-33066 - Improper Input Validation in WLAN Resource Manager
Memory corruption while redirecting log file to any file location with any file name.
8.4
CVE-2024-33065 - Improper Input Validation in Camera
Memory corruption while taking snapshot when an offset variable is set by camera driver.
8.2
CVE-2024-33064 - Buffer Over-read in WLAN Host Communication
Information disclosure while parsing the multiple MBSSID IEs from the beacon.
7.5
CVE-2024-33049 - Buffer Over-read in WLAN Host Communication
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
6.7
CVE-2024-23379 - Double Free in DSP Services
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.
6.7
CVE-2024-23378 - Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
6.7
CVE-2024-23376 - Use After Free in ComputerVision
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
6.7
CVE-2024-23375 - Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in RIL
Memory corruption during the network scan request.