CVE-2024-23380 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2024-23380
Memory corruption while handling user packets during VBO bind operation. Corrupción de la memoria al manejar paquetes de usuario durante la operación de enlace VBO. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-23373 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2024-23373
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Corrupción de la memoria cuando falla la operación de desasignación de IOMMU, se liberan los búferes DMA y anon. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-23372 – Integer Overflow or Wraparound in Graphics
https://notcve.org/view.php?id=CVE-2024-23372
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. La memoria se daña al invocar una llamada IOCTL para la asignación de memoria de la GPU y el parámetro de tamaño es mayor que el tamaño esperado. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-23368 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition. Corrupción de la memoria al asignar y acceder a una entrada en una partición SMEM. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-21469 – Permissions, Privileges, and Access Control issues in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21469
Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Corrupción de la memoria cuando una llamada de invocación y una llamada TEE están vinculadas a la misma aplicación confiable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls CWE-787: Out-of-bounds Write •