CVSS: 7.8EPSS: 0%CPEs: 368EXPL: 1CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
06 Jun 2023 — Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • https://packetstorm.news/files/id/173296 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 252EXPL: 0CVE-2023-21657 – Improper Input Validation in Audio
https://notcve.org/view.php?id=CVE-2023-21657
06 Jun 2023 — Memoru corruption in Audio when ADSP sends input during record use case. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 256EXPL: 0CVE-2023-21656 – Improper Input Validation in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-21656
06 Jun 2023 — Memory corruption in WLAN HOST while receiving an WMI event from firmware. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 566EXPL: 0CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
06 Jun 2023 — Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 392EXPL: 0CVE-2022-40529 – Improper access control in Kernel
https://notcve.org/view.php?id=CVE-2022-40529
06 Jun 2023 — Memory corruption due to improper access control in kernel while processing a mapping request from root process. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 8.4EPSS: 3%CPEs: 484EXPL: 0CVE-2022-40507 – Double free in Core
https://notcve.org/view.php?id=CVE-2022-40507
06 Jun 2023 — Memory corruption due to double free in Core while mapping HLOS address to the list. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •
CVSS: 7.1EPSS: 0%CPEs: 696EXPL: 0CVE-2022-22076 – Cryptographic issue in Core
https://notcve.org/view.php?id=CVE-2022-22076
06 Jun 2023 — information disclosure due to cryptographic issue in Core during RPMB read request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-310: Cryptographic Issues •
CVSS: 8.4EPSS: 0%CPEs: 442EXPL: 1CVE-2023-21665 – Incorrect Type Conversion or Cast in Graphics
https://notcve.org/view.php?id=CVE-2023-21665
02 May 2023 — Memory corruption in Graphics while importing a file. Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr(). • https://packetstorm.news/files/id/172663 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0CVE-2022-25713 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Automotive
https://notcve.org/view.php?id=CVE-2022-25713
02 May 2023 — Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 706EXPL: 0CVE-2022-40532 – Integer overflow or wraparound in WLAN
https://notcve.org/view.php?id=CVE-2022-40532
04 Apr 2023 — Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-190: Integer Overflow or Wraparound •