CVE-2023-33032 – Integer Overflow or Wraparound in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-33032
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Corrupción de la memoria en TZ Secure OS al solicitar una asignación de memoria de la región TA. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33030
Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVE-2023-33098 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size. DOS transitorio al analizar WPA IES, cuando se pasa con una longitud mayor que el tamaño esperado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33089 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33089
Transient DOS when processing a NULL buffer while parsing WLAN vdev. DOS transitorio al procesar un búfer NULL mientras se analiza WLAN vdev. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-476: NULL Pointer Dereference •