CVE-2023-33041 – Reachable assertion in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. En ciertos escenarios, el firmware de WLAN alcanzará una afirmación debido a una confusión de estado al buscar ID de pares. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-28585 – Integer Overflow to Buffer Overflow in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel. Corrupción de la memoria al cargar un segmento ELF en TEE Kernel. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVE-2023-28550 – Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance
https://notcve.org/view.php?id=CVE-2023-28550
Memory corruption in MPP performance while accessing DSM watermark using external memory address. Corrupción de la memoria en el rendimiento de MPP al acceder a la marca de agua DSM mediante una dirección de memoria externa. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-28554 – Buffer Over-read in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2023-28554
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Divulgación de información en Qualcomm IPC mientras se leen valores de la memoria compartida en VM. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •