CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2023-21659 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-21657 – Improper Input Validation in Audio
https://notcve.org/view.php?id=CVE-2023-21657
Memoru corruption in Audio when ADSP sends input during record use case. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-20: Improper Input Validation •
CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2022-40536 – Improper authentication in Modem
https://notcve.org/view.php?id=CVE-2022-40536
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •