CVE-2023-28555 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-28555
Transient DOS in Audio while remapping channel buffer in media codec decoding. DOS transitorio en Audio mientras se remapea el buffer de canal en la decodificación de codecs multimedia. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVE-2023-21650 – Improper Validation of Array Index in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-21650
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Corrupción de memoria en el controlador GPS HLOS cuando injectFdclData recibe datos con una longitud de datos no válida. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVE-2023-21649 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN
https://notcve.org/view.php?id=CVE-2023-21649
Memory corruption in WLAN while running doDriverCmd for an unspecific command. Corrupción de memoria en WLAN al ejecutar doDriverCmd para un comando no específico. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •