CVE-2023-43527 – Buffer Over-read in Video
https://notcve.org/view.php?id=CVE-2023-43527
Information disclosure while parsing dts header atom in Video. Divulgación de información al analizar el átomo del encabezado dts en video. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2023-33119 – Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33119
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. Daños en la memoria al cargar una máquina virtual desde una imagen de máquina virtual firmada que no es coherente en la memoria caché del procesador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-21473 – Improper Input Validation in WIN SON
https://notcve.org/view.php?id=CVE-2024-21473
Memory corruption while redirecting log file to any file location with any file name. Corrupción de la memoria al redirigir el archivo de registro a cualquier ubicación de archivo con cualquier nombre de archivo. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple Qualcomm chipsets. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Qualcomm LDB service. The issue results from the lack of proper validation of user-supplied data prior to further processing. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •
CVE-2024-21470 – Integer Overflow to Buffer Overflow in Graphics Windows
https://notcve.org/view.php?id=CVE-2024-21470
Memory corruption while allocating memory for graphics. Corrupción de la memoria al asignar memoria para gráficos. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-21468 – Use After Free in Kernel
https://notcve.org/view.php?id=CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU. Corrupción de la memoria cuando falla la operación de desasignación en la GPU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-416: Use After Free •