CVE-2024-33028 – Use After Free in Automotive Telematics
https://notcve.org/view.php?id=CVE-2024-33028
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-33027 – Improper Access Control in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-33027
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-284: Improper Access Control •
CVE-2024-33026 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33025 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33025
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33024 – Integer Overflow or Wraparound in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •