CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33021 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2023-33021
Memory corruption in Graphics while processing user packets for command submission. Corrupción de la memoria en Graphics al procesar paquetes de usuario para el envío de comandos. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-416: Use After Free •
CVE-2023-28584 – Improper Authorization in WLAN Host
https://notcve.org/view.php?id=CVE-2023-28584
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA). Un ataque de denegación de servicio (DOS) en WLAN host cuando una estación móvil recibe un canal no válido en CSA IE mientras realiza el anuncio de cambio de canal (CSA). • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-285: Improper Authorization •
CVE-2023-28567 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces. Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •