CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVE-2023-33054 – Improper Authentication in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Problema criptográfico en el controlador GPS HLOS al descargar datos de asistencia GNSS de Qualcomm. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •
CVE-2023-33053 – Improper Validation of Array Index in Kernel
https://notcve.org/view.php?id=CVE-2023-33053
Memory corruption in Kernel while parsing metadata. Corrupción de la memoria en el Kernel al analizar metadatos. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2023-33024 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer
https://notcve.org/view.php?id=CVE-2023-33024
Memory corruption while sending SMS from AP firmware. Corrupción de la memoria al enviar SMS desde el firmware AP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33022 – Integer Overflow to Buffer Overflow in HLOS
https://notcve.org/view.php?id=CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space. Corrupción de la memoria en HLOS al invocar llamadas IOCTL desde el espacio de usuario. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •