CVE-2022-40530 – Integer overflow to buffer overflow in WLAN
https://notcve.org/view.php?id=CVE-2022-40530
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVE-2022-40515 – Double free in Video
https://notcve.org/view.php?id=CVE-2022-40515
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-415: Double Free •
CVE-2022-33257 – Time-of-check time-of-use race condition in Core
https://notcve.org/view.php?id=CVE-2022-33257
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-33245 – Use after free in WLAN
https://notcve.org/view.php?id=CVE-2022-33245
Memory corruption in WLAN due to use after free • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-416: Use After Free •
CVE-2022-33242 – Improper authentication in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2022-33242
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-287: Improper Authentication •