CVE-2022-33276 – Buffer copy without checking size of input in Modem
https://notcve.org/view.php?id=CVE-2022-33276
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-33253 – Buffer over-read in WLAN
https://notcve.org/view.php?id=CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-125: Out-of-bounds Read •
CVE-2022-33252 – Buffer over-read in WLAN
https://notcve.org/view.php?id=CVE-2022-33252
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-125: Out-of-bounds Read •
CVE-2022-33238
https://notcve.org/view.php?id=CVE-2022-33238
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking DOS transitorio debido a un bucle con condición de salida inalcanzable en WLAN mientras se procesan tramas FTM entrantes. en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2022-33235
https://notcve.org/view.php?id=CVE-2022-33235
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Divulgación de información debido a una sobrelectura del búfer en el firmware de WLAN al analizar los atributos de información del contexto de seguridad. en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-125: Out-of-bounds Read •