CVE-2022-40538 – Reachable assertion in Modem
https://notcve.org/view.php?id=CVE-2022-40538
Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-617: Reachable Assertion •
CVE-2022-40536 – Improper authentication in Modem
https://notcve.org/view.php?id=CVE-2022-40536
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVE-2022-40533 – Untrusted Pointer Dereference in Core
https://notcve.org/view.php?id=CVE-2022-40533
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVE-2022-40529 – Improper access control in Kernel
https://notcve.org/view.php?id=CVE-2022-40529
Memory corruption due to improper access control in kernel while processing a mapping request from root process. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVE-2022-40523 – Information exposure in Kernel
https://notcve.org/view.php?id=CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •