CVE-2023-22385 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-22385
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Corrupción de la memoria en el módem de datos al realizar una llamada MO o una llamada MT VOLTE. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read CWE-787: Out-of-bounds Write •
CVE-2023-21673 – Improper Access Control in Kernel
https://notcve.org/view.php?id=CVE-2023-21673
Improper Access to the VM resource manager can lead to Memory Corruption. El acceso inadecuado al administrador de recursos de la máquina virtual puede provocar daños en la memoria. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-284: Improper Access Control •
CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • http://packetstormsecurity.com/files/173296/Qualcomm-Adreno-KGSL-Insecure-Execution.html https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVE-2023-21659 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •