CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2023-33077 – Buffer Copy Without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33077
06 Feb 2024 — Memory corruption in HLOS while converting from authorization token to HIDL vector. Corrupción de la memoria en HLOS al convertir del token de autorización al vector HIDL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 308EXPL: 0CVE-2023-33076 – Configuration Issue in Core
https://notcve.org/view.php?id=CVE-2023-33076
06 Feb 2024 — Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. La corrupción de la memoria en Core cuando se habilita la actualización de la versión de reversión para la función TA y OTA. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-16: Configuration CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 496EXPL: 0CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
06 Feb 2024 — Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 226EXPL: 0CVE-2023-33069 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33069
06 Feb 2024 — Memory corruption in Audio while processing the calibration data returned from ACDB loader. Corrupción de la memoria en audio mientras se procesan los datos de calibración devueltos por el cargador ACDB. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 226EXPL: 0CVE-2023-33068 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33068
06 Feb 2024 — Memory corruption in Audio while processing IIR config data from AFE calibration block. Corrupción de la memoria en audio mientras se procesan datos de configuración IIR del bloque de calibración AFE. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 226EXPL: 0CVE-2023-33067 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33067
06 Feb 2024 — Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. Corrupción de la memoria en el audio al llamar al comando INICIO en el PCM de voz del host varias veces para los mismos puntos de derivación RX o TX. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.1EPSS: 0%CPEs: 208EXPL: 0CVE-2023-33065 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33065
06 Feb 2024 — Information disclosure in Audio while accessing AVCS services from ADSP payload. Divulgación de información en audio al acceder a los servicios AVCS desde el payload ADSP. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 178EXPL: 0CVE-2023-33064 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33064
06 Feb 2024 — Transient DOS in Audio when invoking callback function of ASM driver. DOS transitorio en audio al invocar la función de devolución de llamada del controlador ASM. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 3%CPEs: 484EXPL: 0CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
05 Dec 2023 — Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 3%CPEs: 306EXPL: 0CVE-2023-33106 – Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
https://notcve.org/view.php?id=CVE-2023-33106
05 Dec 2023 — Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Corrupción de la memoria al enviar una lista grande de puntos de sincronización en un comando AUX al IOCTL_KGSL_GPU_AUX_COMMAND. Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •