CVE-2023-33092 – Buffer Copy Without Checking Size of Input in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-33092
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. Corrupción de la memoria al procesar la respuesta del PIN en Bluetooth, cuando el código PIN recibido desde la capa de la APLICACIÓN es mayor que el tamaño esperado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33017 – Buffer Copy Without Checking Size of Input in Boot
https://notcve.org/view.php?id=CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Corrupción de la memoria en el arranque mientras se ejecuta una prueba ListVars en el menú UEFI durante el arranque. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-28588 – Integer Overflow or Wraparound in Bluetooth Host
https://notcve.org/view.php?id=CVE-2023-28588
Transient DOS in Bluetooth Host while rfc slot allocation. DOS transitorio en el host Bluetooth mientras se asigna la ranura RFC. • https://github.com/Trinadh465/CVE-2023-28588 https://github.com/uthrasri/CVE-2023-28588 https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-28551 – Improper Restriction of Operations within the Bounds of a Memory Buffer in UTILS
https://notcve.org/view.php?id=CVE-2023-28551
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Corrupción de la memoria en UTILS cuando el módem procesa comandos Diag específicos de la memoria que tienen valores de dirección arbitrarios como argumentos de entrada. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •