CVE-2023-43517 – Improper Access Control in Automotive Multimedia
https://notcve.org/view.php?id=CVE-2023-43517
Memory corruption in Automotive Multimedia due to improper access control in HAB. Corrupción de la memoria en Automotive Multimedia debido a un control de acceso inadecuado en HAB. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-284: Improper Access Control CWE-787: Out-of-bounds Write •
CVE-2023-33076 – Configuration Issue in Core
https://notcve.org/view.php?id=CVE-2023-33076
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. La corrupción de la memoria en Core cuando se habilita la actualización de la versión de reversión para la función TA y OTA. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-16: Configuration CWE-787: Out-of-bounds Write •
CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33046 – Time-of-check Time-of-use (TOCTOU) Race Condition in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33046
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. Corrupción de la memoria en Trusted Execution Environment al desinicializar un objeto utilizado para la validación de la licencia. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVE-2023-33037 – Cryptographic Issues in Automotive
https://notcve.org/view.php?id=CVE-2023-33037
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Problema criptográfico en Automotive al desenvolver la clave secs2d y verificar con datos de RPMB. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-310: Cryptographic Issues CWE-311: Missing Encryption of Sensitive Data •