CVE-2023-43520 – Stack-based Buffer Overflow in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43520
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. Corrupción de la memoria cuando AP incluye TID para vincular el IE de mapeo en las balizas y STA está analizando el TID de baliza para vincular el IE de mapeo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-43513 – Use of Out-of-range Pointer Offset in PCIe
https://notcve.org/view.php?id=CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Corrupción de la memoria al procesar el anillo de eventos, el puntero de lectura de contexto no es confiable para HLOS y cuando se pasa con valores arbitrarios, puede apuntar a la dirección en el medio del elemento del anillo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33077 – Buffer Copy Without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33077
Memory corruption in HLOS while converting from authorization token to HIDL vector. Corrupción de la memoria en HLOS al convertir del token de autorización al vector HIDL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33076 – Configuration Issue in Core
https://notcve.org/view.php?id=CVE-2023-33076
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. La corrupción de la memoria en Core cuando se habilita la actualización de la versión de reversión para la función TA y OTA. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-16: Configuration CWE-787: Out-of-bounds Write •
CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •