CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-43513 – Use of Out-of-range Pointer Offset in PCIe
https://notcve.org/view.php?id=CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Corrupción de la memoria al procesar el anillo de eventos, el puntero de lectura de contexto no es confiable para HLOS y cuando se pasa con valores arbitrarios, puede apuntar a la dirección en el medio del elemento del anillo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.3EPSS: 0%CPEs: 496EXPL: 0CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 202EXPL: 0CVE-2023-33057 – Improper Input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33057
Transient DOS in Multi-Mode Call Processor while processing UE policy container. DOS transitorio en el procesador de llamadas multimodo mientras se procesa el contenedor de políticas UE. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 202EXPL: 0CVE-2023-33049 – Improper Release of Memory Before Removing Last Reference in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33049
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. DOS transitorio en el procesador de llamadas multimodo debido a una falla del UE debido a una fuga de montón. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 718EXPL: 0CVE-2023-43511 – Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. DOS transitorio mientras se analiza el encabezado de extensión IPv6 cuando el firmware WLAN recibe un paquete IPv6 que contiene "IPPROTO_NONE" como el siguiente encabezado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •