CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVE-2023-33106 – Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
https://notcve.org/view.php?id=CVE-2023-33106
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Corrupción de la memoria al enviar una lista grande de puntos de sincronización en un comando AUX al IOCTL_KGSL_GPU_AUX_COMMAND. Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33098 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33098
Transient DOS while parsing WPA IES, when it is passed with length more than expected size. DOS transitorio al analizar WPA IES, cuando se pasa con una longitud mayor que el tamaño esperado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33080 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. DOS transitorio mientras se analiza un IE (elemento de información) específico del fabricante del frame de gestión de respuesta de reasociación. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33070 – Improper Authentication in Automotive OS
https://notcve.org/view.php?id=CVE-2023-33070
Transient DOS in Automotive OS due to improper authentication to the secure IO calls. DOS transitorio en sistemas operativos automotrices debido a una autenticación incorrecta en las llamadas IO seguras. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •