CVE-2024-23368 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition. Corrupción de la memoria al asignar y acceder a una entrada en una partición SMEM. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-43536 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43536
Transient DOS while parse fils IE with length equal to 1. DOS transitorio mientras analiza fils IE con una longitud igual a 1. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-126: Buffer Over-read •
CVE-2023-43534 – Use of Out-of-range Pointer Offset in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43534
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. Corrupción de la memoria al validar el TID para el frame de solicitud de acción de Mapeo de enlaces, cuando una estación se conecta a un punto de acceso. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-43522 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43522
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. DOS transitorio durante el proceso de desencapsulación de claves, cuando la clave cifrada proporcionada está vacía o es NULL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVE-2023-43520 – Stack-based Buffer Overflow in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43520
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. Corrupción de la memoria cuando AP incluye TID para vincular el IE de mapeo en las balizas y STA está analizando el TID de baliza para vincular el IE de mapeo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •