CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38419 – Use After Free in Automotive GPU
https://notcve.org/view.php?id=CVE-2024-38419
04 Nov 2024 — Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38415 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38415
04 Nov 2024 — Memory corruption while handling session errors from firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38408 – Cryptographic Issues in BT Controller
https://notcve.org/view.php?id=CVE-2024-38408
04 Nov 2024 — Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38407 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38407
04 Nov 2024 — Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38406 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38406
04 Nov 2024 — Memory corruption while handling IOCTL calls in JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-33068 – Use After Free in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33068
04 Nov 2024 — Transient DOS while parsing fragments of MBSSID IE from beacon frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23385 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2024-23385
04 Nov 2024 — Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2024-38402 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-38402
02 Sep 2024 — Memory corruption while processing IOCTL call for getting group info. adsprpc suffers from a refcount leak that leads to a use-after-free condition in fastrpc_get_process_gids. • https://packetstorm.news/files/id/189857 • CWE-416: Use After Free •