Qualcomm ≫ Wcn3680b Firmware

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

Memory corruption in Audio while processing IIR config data from AFE calibration block.

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

Memory corruption in HLOS while converting from authorization token to HIDL vector.

Transient DOS in Audio when invoking callback function of ASM driver.

Information disclosure in Audio while accessing AVCS services from ADSP payload.

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.