CVE-2025-47407

all versions

Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.

7.8HIGH

CVE-2025-47403

all versions

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

6.5MEDIUM

CVE-2025-47401

all versions

Transient DOS when processing target power rate tables during channel configuration.

6.5MEDIUM

CVE-2026-21381

all versions

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness netwo

7.6HIGH

CVE-2026-21367

all versions

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

7.6HIGH

CVE-2025-47374

all versions

Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.

6.5MEDIUM

CVE-2026-21385

all versions

Memory corruption while using alignments for memory allocation.

7.8HIGH

CVE-2025-59600

all versions

Memory Corruption when adding user-supplied data without checking available buffer space.

7.8HIGH

CVE-2025-47378

all versions

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

7.1HIGH

CVE-2025-47373

all versions

Memory Corruption when accessing buffers with invalid length during TA invocation.

7.8HIGH

CVE-2025-47402

all versions

Transient DOS when processing a received frame with an excessively large authentication information element.

6.5MEDIUM

CVE-2025-47398

all versions

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.

7.8HIGH

CVE-2025-47397

all versions

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

7.8HIGH