CVE-2023-42528
https://notcve.org/view.php?id=CVE-2023-42528
Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. Vulnerabilidad de validación de entrada incorrecta en ProcessNvBuffering de libsec-ril anterior a SMR Nov-2023 Release 1 permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-787: Out-of-bounds Write •
CVE-2023-42527
https://notcve.org/view.php?id=CVE-2023-42527
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. Vulnerabilidad de validación de entrada incorrecta en ProcessWriteFile de libsec-ril anterior a SMR Nov-2023 Release 1 permite a atacantes locales exponer información confidencial. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-20: Improper Input Validation •
CVE-2023-30739
https://notcve.org/view.php?id=CVE-2023-30739
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. Vulnerabilidad de escritura de descriptor de archivo arbitrario en libsec-ril anterior a SMR Nov-2023 Release 1 permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 •
CVE-2023-32825
https://notcve.org/view.php?id=CVE-2023-32825
In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130. En el servicio Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-125: Out-of-bounds Read •
CVE-2023-32839
https://notcve.org/view.php?id=CVE-2023-32839
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576. En dpe, existe una posible escritura fuera de los límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •