CVSS: 7.8EPSS: 0%CPEs: 448EXPL: 0CVE-2024-21469 – Permissions, Privileges, and Access Control issues in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21469
01 Jul 2024 — Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Corrupción de la memoria cuando una llamada de invocación y una llamada TEE están vinculadas a la misma aplicación confiable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2024-21466 – Integer Underflow (Wrap or Wraparound) in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21466
01 Jul 2024 — Information disclosure while parsing sub-IE length during new IE generation. Divulgación de información al analizar la longitud sub-IE durante la nueva generación de IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2024-21465 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-21465
01 Jul 2024 — Memory corruption while processing key blob passed by the user. Corrupción de la memoria al procesar el blob de claves pasado por el usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.1EPSS: 0%CPEs: 622EXPL: 0CVE-2024-21462 – Buffer Over-read in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21462
01 Jul 2024 — Transient DOS while loading the TA ELF file. DOS transitorio mientras se carga el archivo TA ELF. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 626EXPL: 0CVE-2024-21461 – Double Free in HLOS
https://notcve.org/view.php?id=CVE-2024-21461
01 Jul 2024 — Memory corruption while performing finish HMAC operation when context is freed by keymaster. Corrupción de la memoria al realizar la operación de finalización de HMAC cuando Keymaster libera el contexto. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21458 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21458
01 Jul 2024 — Information disclosure while handling SA query action frame. Divulgación de información durante el manejo del frame de acción de consulta SA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21457 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21457
01 Jul 2024 — INformation disclosure while handling Multi-link IE in beacon frame. Divulgación de información mientras se maneja IE de enlace múltiple en un frame de baliza. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-21456 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21456
01 Jul 2024 — Information Disclosure while parsing beacon frame in STA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.2EPSS: 0%CPEs: 12EXPL: 0CVE-2024-21478 – NULL Pointer Dereference in Graphics
https://notcve.org/view.php?id=CVE-2024-21478
03 Jun 2024 — transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. DOS transitorio al configurar una devolución de llamada de valla para liberar un objeto de entrada de memoria KGSL durante DMA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-43544 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-43544
03 Jun 2024 — Memory corruption when IPC callback handle is used after it has been released during register callback by another thread. Corrupción de la memoria cuando se utiliza el identificador de devolución de llamada de IPC después de que otro subproceso lo haya liberado durante la devolución de llamada del registro. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-416: Use After Free •