CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2022-40525 – Information Exposure in Linux Networking Firmware
https://notcve.org/view.php?id=CVE-2022-40525
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-40522 – Double free in Linux Networking
https://notcve.org/view.php?id=CVE-2022-40522
Memory corruption in Linux Networking due to double free while handling a hyp-assign. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •
CVE-2022-22076 – Cryptographic issue in Core
https://notcve.org/view.php?id=CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-310: Cryptographic Issues •
CVE-2022-33304 – NULL pointers dereference in Modem
https://notcve.org/view.php?id=CVE-2022-33304
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-476: NULL Pointer Dereference •