CVE-2022-33289 – Improper validation of array index in Modem
https://notcve.org/view.php?id=CVE-2022-33289
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2022-33270 – Time-of-check time-of-use race condition in Modem
https://notcve.org/view.php?id=CVE-2022-33270
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-33231 – Double free in Core
https://notcve.org/view.php?id=CVE-2022-33231
Memory corruption due to double free in core while initializing the encryption key. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-415: Double Free •
CVE-2021-35130
https://notcve.org/view.php?id=CVE-2021-35130
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Una corrupción de memoria en la capa de soporte de gráficos debido a la condición de uso después de libre en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-416: Use After Free •
CVE-2021-35123
https://notcve.org/view.php?id=CVE-2021-35123
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT Una copia del búfer en la notificación múltiple de GATT debido a una comprobación inapropiada de la longitud de los datos que llegan por el aire en Snapdragon Connectivity, Snapdragon Industrial IOT • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin •