CVE-2023-21635 – Buffer Copy without Checking Size of Input in Data Network Stack & Connectivity
https://notcve.org/view.php?id=CVE-2023-21635
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-21633 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux
https://notcve.org/view.php?id=CVE-2023-21633
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-21631 – Improper Input Validation in Modem
https://notcve.org/view.php?id=CVE-2023-21631
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-20: Improper Input Validation •
CVE-2023-21629 – Double Free in Modem
https://notcve.org/view.php?id=CVE-2023-21629
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-415: Double Free •
CVE-2023-21624 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •