CVE-2023-33046 – Time-of-check Time-of-use (TOCTOU) Race Condition in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33046
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. Corrupción de la memoria en Trusted Execution Environment al desinicializar un objeto utilizado para la validación de la licencia. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVE-2023-43511 – Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. DOS transitorio mientras se analiza el encabezado de extensión IPv6 cuando el firmware WLAN recibe un paquete IPv6 que contiene "IPPROTO_NONE" como el siguiente encabezado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2023-33116 – Buffer over-read without Checking Size of Input in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33116
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. DOS transitorio mientras se analiza ieee80211_parse_mscs_ie en el controlador WIN WLAN. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33113 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Kernel
https://notcve.org/view.php?id=CVE-2023-33113
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. Corrupción de la memoria cuando el administrador de recursos envía al kernel del host un mensaje de respuesta con múltiples fragmentos. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-33112 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33112
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. DOS transitorio cuando el firmware WLAN recibe una trama de "reassoc response" que incluye el elemento RIC_DATA. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-126: Buffer Over-read •