NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •
CVE-2024-43047 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-38425 – Improper Authorization in Performance
https://notcve.org/view.php?id=CVE-2024-38425
Information disclosure while sending implicit broadcast containing APP launch information. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-285: Improper Authorization •
CVE-2024-38397 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33073 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33073
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-126: Buffer Over-read •