CVE-2023-33026 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33026
Transient DOS in WLAN Firmware while parsing a NAN management frame. DOS transitorio en el WLAN Firmware mientras se analiza un frame de administración NAN. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read CWE-400: Uncontrolled Resource Consumption •
CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •
CVE-2023-24855 – Use of Out-of-range Pointer Offset in Modem
https://notcve.org/view.php?id=CVE-2023-24855
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Corrupción de la memoria en el Modem mientras se procesa la configuración relacionada con la seguridad antes de AS Security Exchange. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVE-2023-24853 – Improper Input Validation in HLOS
https://notcve.org/view.php?id=CVE-2023-24853
Memory Corruption in HLOS while registering for key provisioning notify. Notificación de corrupción de memoria en HLOS al registrarse para el aprovisionamiento de claves. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2023-24850 – Improper Validation of Array Index in HLOS
https://notcve.org/view.php?id=CVE-2023-24850
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Corrupción de la memoria en HLOS al importar una clave criptográfica en la aplicación de confianza KeyMaster. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-129: Improper Validation of Array Index •