CVE-2023-21673 – Improper Access Control in Kernel
https://notcve.org/view.php?id=CVE-2023-21673
Improper Access to the VM resource manager can lead to Memory Corruption. El acceso inadecuado al administrador de recursos de la máquina virtual puede provocar daños en la memoria. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-284: Improper Access Control •
CVE-2023-21664 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21664
Memory Corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-21662 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21662
Memory corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •