CVSS: 7.8EPSS: 0%CPEs: 272EXPL: 0CVE-2023-33118 – Use After Free in Automotive Audio
https://notcve.org/view.php?id=CVE-2023-33118
02 Jan 2024 — Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. Corrupción de la memoria durante el procesamiento de búfer de paylaod del cliente Listen Sound Model cuando hay una solicitud para que la sesión Listen Sound obtenga el parámetro de ST HAL. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 282EXPL: 0CVE-2023-33117 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-33117
02 Jan 2024 — Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. Corrupción de la memoria cuando HLOS asigna el búfer de payload de respuesta para copiar los datos recibidos de ADSP en respuesta al comando AVCS_LOAD_MODULE. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 224EXPL: 0CVE-2023-33114 – Use after free in Neural Processing Unit
https://notcve.org/view.php?id=CVE-2023-33114
02 Jan 2024 — Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. Corrupción de la memoria al ejecutar NPU, cuando los comandos NETWORK_UNLOAD y (NETWORK_UNLOAD o NETWORK_EXECUTE_V2) se envían al mismo tiempo. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 626EXPL: 0CVE-2023-33109 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33109
02 Jan 2024 — Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. DOS transitorio mientras se procesa un comando de inicio de escucha WMI P2P (0xD00A) enviado desde el host. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 8.4EPSS: 0%CPEs: 250EXPL: 0CVE-2023-33094 – Use After Free in Linux Graphics
https://notcve.org/view.php?id=CVE-2023-33094
02 Jan 2024 — Memory corruption while running VK synchronization with KASAN enabled. Corrupción de la memoria al ejecutar la sincronización VK con KASAN habilitado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 586EXPL: 0CVE-2023-33062 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33062
02 Jan 2024 — Transient DOS in WLAN Firmware while parsing a BTM request. DOS transitorio en el firmware WLAN mientras se analiza una solicitud BTM. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 294EXPL: 0CVE-2023-33040 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-33040
02 Jan 2024 — Transient DOS in Data Modem during DTLS handshake. DOS transitorio en el módem de datos durante el protocolo de enlace DTLS. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 294EXPL: 0CVE-2023-33038 – Integer Overflow or Wraparound in Radio Interface Layer
https://notcve.org/view.php?id=CVE-2023-33038
02 Jan 2024 — Memory corruption while receiving a message in Bus Socket Transport Server. Corrupción de la memoria al recibir un mensaje en Bus Socket Transport Server. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 166EXPL: 0CVE-2023-33037 – Cryptographic Issues in Automotive
https://notcve.org/view.php?id=CVE-2023-33037
02 Jan 2024 — Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Problema criptográfico en Automotive al desenvolver la clave secs2d y verificar con datos de RPMB. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-310: Cryptographic Issues CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.1EPSS: 0%CPEs: 214EXPL: 0CVE-2023-33036 – NULL Pointer Dereference in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33036
02 Jan 2024 — Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. DOS permanente en Hypervisor mientras una máquina virtual que no es de confianza y sin soporte PSCI realiza una llamada de PSCI. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •