Name of the Vulnerable Software and Affected Versions:

ADSP BTFM client (affected versions not specified)

Description:

The issue is related to memory corruption that occurs when the BTFM client sends new messages over Slimbus to the ADSP. This happens due to the improper handling of a local completion variable called `done` in the functions `qcom slim ngd xfer msg` and `qcom slim ngd xfer msg sync`, which is accessed beyond the scope of these functions.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.