CVSS: 8.2EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38408 – Cryptographic Issues in BT Controller
https://notcve.org/view.php?id=CVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23385 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38402 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 0CVE-2024-33060 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously. A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-33052 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
https://notcve.org/view.php?id=CVE-2024-33052
Memory corruption when user provides data for FM HCI command control operations. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •