An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'

Information disclosure possible while audio playback.

Information disclosure due to uninitialized variable.

An image with a version lower than the fuse version may potentially be booted lead to improper authentication.

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Certain unprivileged processes are able to perform IOCTL calls.

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

Memory corruption while processing finish_sign command to pass a rsp buffer.