CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33030
Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-28583 – Double Free in Data Network Stack & Connectivity
https://notcve.org/view.php?id=CVE-2023-28583
Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Corrupción de la memoria cuando expira la vida útil del objeto del temporizador de prefijo IPv6, que se crea mientras el daemon Netmgr obtiene una dirección IPv6. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-415: Double Free •
CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVE-2023-33070 – Improper Authentication in Automotive OS
https://notcve.org/view.php?id=CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls. DOS transitorio en sistemas operativos automotrices debido a una autenticación incorrecta en las llamadas IO seguras. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •
CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •