Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
Memory Corruption when accessing buffers with invalid length during TA invocation.
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
Memory Corruption when processing display command line information due to improper initialization of a variable.
Memory Corruption when retrieving output buffer with insufficient size validation.
Memory corruption may occur while processing message from frontend during allocation.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory corruption can occur during context user dumps due to inadequate checks on buffer length.
Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
Memory corruption while processing user buffers.
Memory corruption during concurrent buffer access due to modification of the reference count.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Page 1+ Next →