CVE-2022-22076 – Cryptographic issue in Core
https://notcve.org/view.php?id=CVE-2022-22076
information disclosure due to cryptographic issue in Core during RPMB read request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-310: Cryptographic Issues •
CVE-2022-40504 – Reachable assertion in Modem
https://notcve.org/view.php?id=CVE-2022-40504
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-617: Reachable Assertion •
CVE-2022-33305 – Null pointer dereference in Modem
https://notcve.org/view.php?id=CVE-2022-33305
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVE-2022-33292 – Use after free in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2022-33292
Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-416: Use After Free •
CVE-2023-21630 – Integer Overflow in Multimedia Framework
https://notcve.org/view.php?id=CVE-2023-21630
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •