CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33060 – Buffer Over-read in Core
https://notcve.org/view.php?id=CVE-2023-33060
Transient DOS in Core when DDR memory check is called while DDR is not initialized. DOS transitorio en Core cuando se llama a la verificación de la memoria DDR mientras DDR no está inicializado. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33058 – Buffer Copy Without Checking Size of Input in Modem
https://notcve.org/view.php?id=CVE-2023-33058
Information disclosure in Modem while processing SIB5. Divulgación de información en Modem durante el procesamiento SIB5. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33057 – Improper Input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33057
Transient DOS in Multi-Mode Call Processor while processing UE policy container. DOS transitorio en el procesador de llamadas multimodo mientras se procesa el contenedor de políticas UE. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-20: Improper Input Validation •
CVE-2023-33049 – Improper Release of Memory Before Removing Last Reference in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33049
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. DOS transitorio en el procesador de llamadas multimodo debido a una falla del UE debido a una fuga de montón. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-401: Missing Release of Memory after Effective Lifetime •