A race condition exists in a driver potentially leading to a use-after-free condition.

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability.

Memory corruption during GNSS HAL process initialization.

Memory corruption while processing GPU page table switch.

Memory corruption while processing voice packet with arbitrary data received from ADSP.

Memory corruption while processing GPU commands.

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Memory corruption while handling session errors from firmware.

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.