CVE-2023-28571 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-28571
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. Divulgación de información en WLAN HOST mientras se procesa la lista de descriptores de escaneo de WLAN durante el escaneo de roaming. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •
CVE-2023-24855 – Use of Out-of-range Pointer Offset in Modem
https://notcve.org/view.php?id=CVE-2023-24855
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Corrupción de la memoria en el Modem mientras se procesa la configuración relacionada con la seguridad antes de AS Security Exchange. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-24853 – Improper Input Validation in HLOS
https://notcve.org/view.php?id=CVE-2023-24853
Memory Corruption in HLOS while registering for key provisioning notify. Notificación de corrupción de memoria en HLOS al registrarse para el aprovisionamiento de claves. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2023-24850 – Improper Validation of Array Index in HLOS
https://notcve.org/view.php?id=CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Corrupción de la memoria en HLOS al importar una clave criptográfica en la aplicación de confianza KeyMaster. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-129: Improper Validation of Array Index •