CVE-2024-33016 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Storage
https://notcve.org/view.php?id=CVE-2024-33016
memory corruption when an invalid firehose patch command is invoked. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2024-23362 – Improper Input Validation in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-23362
Cryptographic issue while parsing RSA keys in COBR format. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-20: Improper Input Validation •
CVE-2024-23359 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-23359
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33014 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33014
Transient DOS while parsing ESP IE from beacon/probe response frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-23357 – NULL Pointer Dereference in HLOS
https://notcve.org/view.php?id=CVE-2024-23357
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-476: NULL Pointer Dereference •