CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2024-21466 – Integer Underflow (Wrap or Wraparound) in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21466
01 Jul 2024 — Information disclosure while parsing sub-IE length during new IE generation. Divulgación de información al analizar la longitud sub-IE durante la nueva generación de IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2024-21465 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-21465
01 Jul 2024 — Memory corruption while processing key blob passed by the user. Corrupción de la memoria al procesar el blob de claves pasado por el usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.1EPSS: 0%CPEs: 622EXPL: 0CVE-2024-21462 – Buffer Over-read in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21462
01 Jul 2024 — Transient DOS while loading the TA ELF file. DOS transitorio mientras se carga el archivo TA ELF. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 626EXPL: 0CVE-2024-21461 – Double Free in HLOS
https://notcve.org/view.php?id=CVE-2024-21461
01 Jul 2024 — Memory corruption while performing finish HMAC operation when context is freed by keymaster. Corrupción de la memoria al realizar la operación de finalización de HMAC cuando Keymaster libera el contexto. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-415: Double Free •
CVSS: 7.1EPSS: 0%CPEs: 30EXPL: 0CVE-2024-21460 – Use of Insufficiently Random Values in Core
https://notcve.org/view.php?id=CVE-2024-21460
01 Jul 2024 — Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space. Divulgación de información cuando ASLR reubica las partes IMEM y DDR segura como un solo fragmento en el espacio de direcciones virtuales. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21458 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21458
01 Jul 2024 — Information disclosure while handling SA query action frame. Divulgación de información durante el manejo del frame de acción de consulta SA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21457 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21457
01 Jul 2024 — INformation disclosure while handling Multi-link IE in beacon frame. Divulgación de información mientras se maneja IE de enlace múltiple en un frame de baliza. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-21456 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21456
01 Jul 2024 — Information Disclosure while parsing beacon frame in STA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2024-23360 – Improper Access Control in Graphics Windows
https://notcve.org/view.php?id=CVE-2024-23360
03 Jun 2024 — Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers. Corrupción de la memoria al crear un cliente LPAC, ya que al motor LPAC se le permitió acceder a los registros de GPU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-43544 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-43544
03 Jun 2024 — Memory corruption when IPC callback handle is used after it has been released during register callback by another thread. Corrupción de la memoria cuando se utiliza el identificador de devolución de llamada de IPC después de que otro subproceso lo haya liberado durante la devolución de llamada del registro. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-416: Use After Free •