CVE-2023-28546 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA. Corrupción de la memoria en la aplicación SPS al exportar la clave pública en el clasificador TA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVE-2023-33055 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33055
Memory Corruption in Audio while invoking callback function in driver from ADSP. Corrupción de la memoria en Audio al invocar la función de devolución de llamada en el controlador desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-33031 – Buffer Copy Without Checking Size of Input in Automotive Audio
https://notcve.org/view.php?id=CVE-2023-33031
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Corrupción de la memoria en Automotive Audio al copiar datos del búfer compartido ADSP al búfer de datos del paquete VOC. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-28563 – Buffer Over-read in IOE Firmware
https://notcve.org/view.php?id=CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command. Divulgación de información en IOE Firmware mientras se maneja el comando WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •