CVE-2023-33099 – Improper Input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33099
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR. DOS transitorio mientras se procesa un contenedor de SMS de tamaño no estándar recibido en el transporte DL NAS en NR. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •
CVE-2023-33023 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
https://notcve.org/view.php?id=CVE-2023-33023
Memory corruption while processing finish_sign command to pass a rsp buffer. Corrupción de la memoria al procesar el comando Finish_sign para pasar un búfer rsp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-28547 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28547
Memory corruption in SPS Application while requesting for public key in sorter TA. Corrupción de la memoria en la aplicación SPS al solicitar la clave pública en el clasificador TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-43553 – Use of Out-of-range Pointer Offset in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43553
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. Corrupción de la memoria al analizar el marco de respuesta de baliza/sonda cuando AP envía más enlaces compatibles en MLIE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-43552 – Use After Free in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2023-43552
Memory corruption while processing MBSSID beacon containing several subelement IE. Corrupción de la memoria al procesar la baliza MBSSID que contiene varios subelementos IE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-416: Use After Free •