CVE-2023-21633 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux
https://notcve.org/view.php?id=CVE-2023-21633
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-21631 – Improper Input Validation in Modem
https://notcve.org/view.php?id=CVE-2023-21631
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-20: Improper Input Validation •
CVE-2023-21629 – Double Free in Modem
https://notcve.org/view.php?id=CVE-2023-21629
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-415: Double Free •
CVE-2023-21624 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • http://packetstormsecurity.com/files/173296/Qualcomm-Adreno-KGSL-Insecure-Execution.html https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •