CVE-2025-27053

all versions

Memory corruption during PlayReady APP usecase while processing TA commands.

7.8HIGH

CVE-2025-21487

all versions

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than th

8.2HIGH

CVE-2024-53026

all versions

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.

8.2HIGH

CVE-2024-53021

all versions

Information disclosure may occur while processing goodbye RTCP packet from network.

8.2HIGH

CVE-2024-53020

all versions

Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

8.2HIGH

CVE-2024-43052

all versions

Memory corruption while processing API calls to NPU with invalid input.

7.8HIGH

CVE-2024-38423

all versions

Memory corruption while processing GPU page table switch.

7.8HIGH

CVE-2024-38422

all versions

Memory corruption while processing voice packet with arbitrary data received from ADSP.

7.8HIGH

CVE-2024-38415

all versions

Memory corruption while handling session errors from firmware.

7.8HIGH

CVE-2024-33043

all versions

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

5.5MEDIUM

CVE-2024-33027

all versions

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU

8.4HIGH

CVE-2024-23357

all versions

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

6.2MEDIUM

CVE-2024-23353

all versions

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

7.5HIGH

CVE-2024-23373

all versions

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

8.4HIGH

CVE-2024-21461

all versions

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

8.4HIGH