CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-33045 – Return of Stack Variable Address in Buses
https://notcve.org/view.php?id=CVE-2024-33045
Memory corruption when BTFM client sends new messages over Slimbus to ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-562: Return of Stack Variable Address •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2024-33043 – Buffer Over-read in FM Host
https://notcve.org/view.php?id=CVE-2024-33043
Transient DOS while handling PS event when Program Service name length offset value is set to 255. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-33042 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
https://notcve.org/view.php?id=CVE-2024-33042
Memory corruption when Alternative Frequency offset value is set to 255. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33038 – Untrusted Pointer Dereference in Computer Vision
https://notcve.org/view.php?id=CVE-2024-33038
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-33035 – Integer Overflow or Wraparound in Display
https://notcve.org/view.php?id=CVE-2024-33035
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •