CVE-2023-21631 – Improper Input Validation in Modem
https://notcve.org/view.php?id=CVE-2023-21631
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-20: Improper Input Validation •
CVE-2023-21629 – Double Free in Modem
https://notcve.org/view.php?id=CVE-2023-21629
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-415: Double Free •
CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • http://packetstormsecurity.com/files/173296/Qualcomm-Adreno-KGSL-Insecure-Execution.html https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVE-2023-21669 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-21669
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-21659 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •