The introduction of AI, with techniques based on machine learning (ML), in wireless communication systems provides new opportunities to make more efficient use of available radio resources, but also risks introducing new types of vulnerabilities. For wireless communication systems, attacks and vulnerabilities are not as well studied as in other technology areas, such as image and language processing. The field that studies attacks against ML models is called adversarial machine learning (AML). The term AML usually also includes defense methods against such attacks, but in this report we focus on the attacks and the threats they constitute to wireless communication systems. The purpose of this report is to analyze the types of AML attacks against wireless communication systems that pose realistic threats and the consequences they can have on communication systems. The report presents an overview of the different features that characterize AML attacks against wireless communications, provides examples of such attacks and discusses their realizability and impact. The aim is to assess which AML attacks constitute serious threats and therefore require the development of countermeasures. One difference for wireless communication, compared to other technologies, is that potential attacks occur physically via the radio interface. This means that AML attacks against wireless communication systems must take into account the effects of the radio channel. The radio channel increases the complexity of the attack which is not the case for other applications and several studies neglect the impact of the radio channel. AML attacks can also be used by communication systems to impact on adversaries, for example through deliberate false signaling to make ML based signals intelligence more difficult. Based on the publications analyzed in this study, it is not possible to dismiss AML attacks as a threat in wireless communications; there are examples in several of the areas examined that we believe are feasible. On the other hand the majority of works lack realistic channel aspects, many are based on simplified communication scenarios and often lack qualitative comparisons with traditional jamming. It is thus difficult to determine whether AML attacks in wireless communications are a serious threat. Knowledge of the characteristics required to realize AML attacks in wireless communications, however, provides a good basis for future vulnerability assessments.