CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVE-2023-33039 – Use After Free in Automotive Display
https://notcve.org/view.php?id=CVE-2023-33039
Memory corruption in Automotive Display while destroying the image handle created using connected display driver. Corrupción de la memoria en Automotive Display al destruir el identificador de imagen creado con el controlador de pantalla conectado. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •
CVE-2023-24853 – Improper Input Validation in HLOS
https://notcve.org/view.php?id=CVE-2023-24853
Memory Corruption in HLOS while registering for key provisioning notify. Notificación de corrupción de memoria en HLOS al registrarse para el aprovisionamiento de claves. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2023-24850 – Improper Validation of Array Index in HLOS
https://notcve.org/view.php?id=CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Corrupción de la memoria en HLOS al importar una clave criptográfica en la aplicación de confianza KeyMaster. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2023-22382 – Improper Input Validation in Automotive
https://notcve.org/view.php?id=CVE-2023-22382
Weak configuration in Automotive while VM is processing a listener request from TEE. Configuración débil en Automotive mientras VM procesa una solicitud de escucha de TEE. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-20: Improper Input Validation •