7.8
CVE-2025-21423 - Improper Validation of Array Index in Display
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
7.8
CVE-2025-21421 - Buffer Over-read in Display
Memory corruption while processing escape code in API.
6.7
CVE-2024-49848 - Use After Free in DSP Service
Memory corruption while processing multiple IOCTL calls from HLOS to DSP.
7.8
CVE-2024-45557 - Use of Out-of-range Pointer Offset in Trust Management Engine
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
6.5
CVE-2024-45556 - Improper Access Control for Register Interface in TZ Firmware
Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.
8.2
CVE-2024-45552 - Buffer Over-read in Data Network Stack & Connectivity
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
6.2
CVE-2024-45551 - Weak Authentication in HLOS
Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.
7.7
CVE-2024-45549 - Exposure of Sensitive System Information to an Unauthorized Control Sphere in KERNEL
Information disclosure while creating MQ channels.
6.6
CVE-2024-45544 - Use After Free in Data Network Stack & Connectivity
Memory corruption while processing IOCTL calls to add route entry in the HW.
6.6
CVE-2024-45543 - Out-of-bounds Write in Audio
Memory corruption while accessing MSM channel map and mixer functions.