CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2022-40521 – Improper authorization in Modem
https://notcve.org/view.php?id=CVE-2022-40521
Transient DOS due to improper authorization in Modem • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVE-2022-33267 – Improper restriction of operations within the bounds of memory buffer in Linux
https://notcve.org/view.php?id=CVE-2022-33267
Memory corruption in Linux while sending DRM request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2022-33264 – Stack-based buffer overflow in Modem
https://notcve.org/view.php?id=CVE-2022-33264
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-33263 – Use after free in Core
https://notcve.org/view.php?id=CVE-2022-33263
Memory corruption due to use after free in Core when multiple DCI clients register and deregister. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-416: Use After Free •