Qualcomm ≫ Robotics Rb5 Firmware

Memory corruption in display driver while detaching a device.

Memory corruption may occur while validating ports and channels in Audio driver.

Information disclosure while deriving keys for a session for any Widevine use case.

Memory corruption while power-up or power-down sequence of the camera sensor.

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Memory corruption while processing IOCTL call for getting group info.

Memory corruption when two threads try to map and unmap a single node simultaneously.

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.