Information disclosure while parsing the OCI IE with invalid length.

Memory corruption while configuring a Hypervisor based input virtual device.

Information disclosure during audio playback.

Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Possible out of bound access in audio module due to lack of validation of user provided input.

Memory corruption while processing GPU page table switch.

Memory corruption while processing voice packet with arbitrary data received from ADSP.