diff --git a/drivers/soc/qcom/slate_events_bridge.c b/drivers/soc/qcom/slate_events_bridge.c
index c03721bf9817..c7db651c2e46 100644
--- a/drivers/soc/qcom/slate_events_bridge.c
+++ b/drivers/soc/qcom/slate_events_bridge.c
@@ -596,6 +596,10 @@ void seb_rx_msg(void *data, int len)
 wake_up(&dev->link_state_wait);
 if (dev->wait_for_resp) {
+ if (len > SEB_GLINK_INTENT_SIZE) {
+ pr_err("Invalid seb rx buffer length\n");
+ return;
+ }
 memcpy(dev->rx_buf, data, len);
 } else {
 /* Handle the event received from Slate */
diff --git a/drivers/soc/qcom/slate_rsb.c b/drivers/soc/qcom/slate_rsb.c
index 90773d24e1d9..40d8f9913353 100644
--- a/drivers/soc/qcom/slate_rsb.c
+++ b/drivers/soc/qcom/slate_rsb.c
@@ -151,6 +151,10 @@ void slatersb_rx_msg(void *data, int len)
 struct slatersb_priv *dev = container_of(slatersb_drv, struct slatersb_priv, lhndl);
+ if (len > SLATERSB_GLINK_INTENT_SIZE) {
+ pr_err("Invalid slatersb glink intent size\n");
+ return;
+ }
 dev->slate_resp_cmplt = true;
 wake_up(&dev->link_state_wait);
 memcpy(dev->rx_buf, data, len);
diff --git a/drivers/soc/qcom/slatecom_interface.c b/drivers/soc/qcom/slatecom_interface.c
index 5613040a7ffa..e4629aaf9bd7 100644
--- a/drivers/soc/qcom/slatecom_interface.c
+++ b/drivers/soc/qcom/slatecom_interface.c
@@ -52,6 +52,7 @@
 #define __QAPI_VERSION_MAJOR_MASK (0xff000000)
 #define __QAPI_VERSION_MINOR_MASK (0x00ff0000)
 #define __QAPI_VERSION_NIT_MASK (0x0000ffff)
+#define SCOM_GLINK_INTENT_SIZE 308 /*pil_slate_intf.h*/
 #define RESULT_SUCCESS 0
@@ -121,7 +122,7 @@ struct slatedaemon_priv {
 bool slate_resp_cmplt;
 void *lhndl;
 wait_queue_head_t link_state_wait;
- char rx_buf[308];
+ char rx_buf[SCOM_GLINK_INTENT_SIZE];
 struct work_struct slatecom_up_work;
 struct work_struct slatecom_down_work;
 struct mutex glink_mutex;
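Review bot: The guard added in seb_rx_msg() rejects only `len > SEB_GLINK_INTENT_SIZE`, but `len` is a signed `int`, so a negative value passes the check and is converted to a very large `size_t` in `memcpy(dev->rx_buf, data, len)`. Unless the caller guarantees a non-negative length (not visible in this diff), the test should read `if (len < 0 || len > SEB_GLINK_INTENT_SIZE)`; the guards added in slatersb_rx_msg() and slatecom_rx_msg() have the same gap. In this hunk `wake_up(&dev->link_state_wait)` has already run when the early `return` is taken, so a waiter may continue with whatever `dev->rx_buf` held before; recording an error status for the waiter would avoid it consuming stale data. The function body starts and ends outside the hunk.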
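Review bot: Neither `SLATERSB_GLINK_INTENT_SIZE` nor the declaration of `dev->rx_buf` appears in this diff, so the check added in slatersb_rx_msg() is not visibly tied to the size of the destination buffer. Bounding the copy by the buffer itself, `if (len < 0 || (size_t)len > sizeof(dev->rx_buf))`, keeps the guard correct if the macro and the array ever diverge; the same applies to `SEB_GLINK_INTENT_SIZE` in seb_rx_msg(). The length comes from the remote side, so the log line is better rate-limited and should carry the value, e.g. `pr_err_ratelimited("slatersb: rx len %d exceeds rx_buf\n", len);`. The function body ends outside the hunk.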
@@ -226,6 +227,10 @@ void slatecom_rx_msg(void *data, int len)
 struct slatedaemon_priv *dev = container_of(slatecom_intf_drv, struct slatedaemon_priv, lhndl);
+ if (len > SCOM_GLINK_INTENT_SIZE) {
+ pr_err("Invalid slatecom_intf glink intent size\n");
+ return;
+ }
 dev->slate_resp_cmplt = true;
 wake_up(&dev->link_state_wait);
 memcpy(dev->rx_buf, data, len);
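Review bot: After the new length check, slatecom_rx_msg() still sets `dev->slate_resp_cmplt = true` and calls `wake_up(&dev->link_state_wait)` before `memcpy(dev->rx_buf, data, len)`, so a waiter can presumably run and read `rx_buf` before the copy has finished. Copy first and publish afterwards, i.e. move the `memcpy()` above the flag assignment and the `wake_up()`; slatersb_rx_msg() has the same order. When the guard rejects a message the flag is never set, so the waiter is left to its timeout, if it has one (the wait side is not shown here). A comment such as `/* oversized response dropped; waiter is not woken */` would document that. The function body continues outside the hunk.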