CVE-2023-28587 – Improper Restriction of Operations within the Bounds of a Memory Buffer in BT Controller
https://notcve.org/view.php?id=CVE-2023-28587
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Corrupción de la memoria en el controlador BT al analizar comandos de depuración con subcódigos de operación específicos en el nivel de la interfaz HCI. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-28585 – Integer Overflow to Buffer Overflow in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel. Corrupción de la memoria al cargar un segmento ELF en TEE Kernel. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVE-2023-28580 – Buffer Copy Without Checking Size of Input in WLAN Host
https://notcve.org/view.php?id=CVE-2023-28580
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. Corrupción de la memoria en el host WLAN al configurar la longitud de PMK en la longitud de PMK en la memoria caché interna. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-28579 – Buffer Copy Without Checking Size of Input in WLAN Host
https://notcve.org/view.php?id=CVE-2023-28579
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. Corrupción de la memoria en el host WLAN al deserializar los bytes PMK de entrada sin verificar la longitud del PMK de entrada. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •