CVE-2023-33110 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33110
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. La variable de índice de sesión en el controlador de audio de voz del host PCM que se inicializa antes de abrir el PCM, a la que se accede durante la devolución de llamada de evento desde ADSP y se restablece durante el cierre de PCM puede provocar una condición de ejecución entre la devolución de llamada de evento, el cierre de PCM y el reinicio del índice de sesión, lo que provoca daños en la memoria. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33109 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33109
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. DOS transitorio mientras se procesa un comando de inicio de escucha WMI P2P (0xD00A) enviado desde el host. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVE-2023-33033 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33033
Memory corruption in Audio during playback with speaker protection. Corrupción de la memoria en audio durante la reproducción con protección de altavoz. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33030
Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •