CVE-2023-33067 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. Corrupción de la memoria en el audio al llamar al comando INICIO en el PCM de voz del host varias veces para los mismos puntos de derivación RX o TX. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-33065 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33065
Information disclosure in Audio while accessing AVCS services from ADSP payload. Divulgación de información en audio al acceder a los servicios AVCS desde el payload ADSP. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33064 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33064
Transient DOS in Audio when invoking callback function of ASM driver. DOS transitorio en audio al invocar la función de devolución de llamada del controlador ASM. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-33046 – Time-of-check Time-of-use (TOCTOU) Race Condition in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33046
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. Corrupción de la memoria en Trusted Execution Environment al desinicializar un objeto utilizado para la validación de la licencia. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVE-2023-33037 – Cryptographic Issues in Automotive
https://notcve.org/view.php?id=CVE-2023-33037
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Problema criptográfico en Automotive al desenvolver la clave secs2d y verificar con datos de RPMB. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-310: Cryptographic Issues CWE-311: Missing Encryption of Sensitive Data •