CVE-2024-38405 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-38405
Transient DOS while processing the CU information from RNR IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-38403 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-38403
Transient DOS while parsing BTM ML IE when per STA profile is not included. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33068 – Use After Free in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33068
Transient DOS while parsing fragments of MBSSID IE from beacon frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-23385 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-617: Reachable Assertion •
CVE-2024-20112
https://notcve.org/view.php?id=CVE-2024-20112
In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •