CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33035 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33035
Memory corruption while invoking callback function of AFE from ADSP. Corrupción de la memoria al invocar la función de devolución de llamada de AFE desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33027 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33027
Transient DOS in WLAN Firmware while parsing rsn ies. DOS transitorio en el WLAN Firmware mientras se analiza rsn ies. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •